SMTP Commands Explained: Understanding the Backbone of Email

Dive into the world of SMTP, the backbone of email communication. This guide covers essential SMTP commands, demonstrates their usage through Python scripting, and highlights the importance of security protocols like SPF, DKIM, and DMARC.

SMTP Commands Explained: Understanding the Backbone of Email
Understanding How SMTP Works

If you're here, you've probably heard a lot about SMTP (Simple Mail Transfer Protocol), which is the foundation of email communication. But what lies beyond the surface of this important protocol? In this post, we'll look at SMTP commands, which are a set of instructions that coordinate email exchanges over the internet.

From connecting to a mail server to delivering a message across continents, these instructions ensure that your emails arrive in the correct inbox. Whether you're a budding IT expert, a curious tech enthusiast, or just interested in how email functions, this guide to SMTP commands will help you understand the essential processes that occur every time you press 'send'. Join us as we decipher each command, understanding not just its operation but also its importance in keeping our digital world connected.

Commonly Used SMTP Commands

While there are many SMTP commands, from both past and present, this section concentrates on the most commonly used. These commands are the foundation of email communication, ensuring the efficient and reliable transport of messages. These commands are critical in the day-to-day operation of email services.

Understanding these popular SMTP commands is critical for anyone seeking to improve their understanding of how email systems work. Let's look at these important commands and their functions in the SMTP process.

All SMTP Commands
List of SMTP Commands

HELO / EHLO

The HELO (Hello) and EHLO (Extended Hello) commands initiate any SMTP session. Email clients and servers use these instructions to introduce themselves to the mail server with whom they desire to communicate.

HELO: This is SMTP's fundamental greeting command. When a client transmits "HELO" followed by its domain name, it starts an SMTP session. This command means, "Hello, I'm here and ready to start emailing."

EHLO: A more advanced version of HELO, the EHLO command is used by clients that support ESMTP protocol. When a client transmits "EHLO," it signals that it is capable of using improved SMTP capabilities such as authentication, encryption, and message chunking. The server returns a list of the SMTP service extensions it supports.

HELO user.com

MAIL FROM

The MAIL FROM command is an essential SMTP command that specifies the sender's email address. It represents the start of an email transaction in which the client informs the server who is sending the email. This command is always used as the first stage in the process of sending an email message after the SMTP connection has been established and the HELO/EHLO greeting exchanged.

MAIL FROM: < someone@gmail.com >

RCPT TO

The RCPT TO command in SMTP specifies the recipient of an email message. Following the MAIL FROM instruction, which identifies the sender, RCPT TO is critical in determining who will receive the email.

RCPT TO command can be used many times in the same email transaction to designate different recipients. Each time you use RCPT TO, a new recipient is added to the list of people who will receive the email.

RCPT TO: < receiver1@gmail.com >
RCPT TO: < receiver2@gmail.com >

DATA

The DATA command in SMTP is the final stage in the email sending process. It marks the start of the actual email content, including headers and body, after the sender and recipient addresses have been recorded using the MAIL FROM and RCPT TO commands.

The mail data transfer is terminated with a period (".") on the final line. The server responds to the last line.

DATA
354 (server response)
Subject: Meeting Schedule Update
From: alice@example.com
To: bob@example.com
Date: Mon, 16 Jan 2024 10:00:00 +0000

Body
.

Well, these are the basic commands required to initiate and complete a message transfer. In addition to these commands, the protocol also includes a few others that are important.

RSET

The RSET command resets the current email transaction. This command is very handy if you need to stop the current process or clear any errors that have occurred without ending the SMTP session.

RSET

HELP

The HELP command is intended to provide assistance or information regarding the SMTP server's commands. It's a handy tool for users to learn more about the capabilities of the SMTP server they're working with. However, not all email servers support this command.

HELP

NOOP

The NOOP command's primary purpose is to request a response from the server, ensuring that the connection is still active and responding. When a client sends the NOOP command, it is effectively requesting the server for an acknowledgement without intending to carry out any specific action or transaction. The server usually replies with a 250 OK message to indicate that it's still there and the connection is working.

NOOP

VRFY

The VRFY command is used to confirm the existence of an email address on the receiving server. This command is particularly important for validating that a recipient's email address is legitimate and capable of receiving emails.
However, most service providers refrain from offering this SMTP command due to the risks of email enumeration.

VRFY someone@gmail.com

QUIT

The QUIT command is typically sent after all email messages have been processed and the client no longer needs to communicate with the server. It is the formal way to end an SMTP session, ensuring that both the client and server have agreed to terminate the connection.

QUIT

So far, we've covered the major commands that are essential to SMTP. These commands are the cornerstone of how SMTP handles email transport and conversation. Aside from these basic commands, there are two key aspects of SMTP that improve its functionality and security: STARTTLS and AUTH.

Originally, SMTP was a plain text protocol, operating without any encryption, which left it vulnerable to various security threats like eavesdropping and interception.

STARTTLS: This command converts an existing unsecure connection to a secure one using Transport Layer Security (TLS). It is an important instruction for encrypting communication between the email client and the server, ensuring that the data being transmitted is secure from eavesdropping and man-in-the-middle attacks. This is mostly used on port 587 which is unprotected by default. However, if you're using port 465, you probably don't need to use this SMTP command as all communications on that port are encrypted from the start.

AUTH: The AUTH command is used for authentication. It enables the SMTP client to log in to the SMTP server using various authentication mechanisms. This process is crucial for verifying the identity of the user sending the email and for preventing unauthorized access to the email server. This is commonly used by SMTP relays such as Maileroo and when you're sending an email to Google's SMTP Receiver through your email client such as Thunderbird or Mailbird.

SMTP Session

Ever wonder what an SMTP session looks like? Don't worry. In this section, we'll walk you through a full SMTP session, demonstrating the typical sequence of commands and answers that happen during email transmission.

Here's an example of an SMTP session:

C: EHLO client.example.com
S: 250-server.example.com Hello client.example.com
S: 250-SIZE 52428800
S: 250-8BITMIME
S: 250-STARTTLS
S: 250-AUTH LOGIN PLAIN
S: 250 ENHANCEDSTATUSCODES

C: STARTTLS
S: 220 2.0.0 Ready to start TLS

[Secure connection established]

C: AUTH LOGIN
S: 334 VXNlcm5hbWU6
C: [Base64-encoded username]
S: 334 UGFzc3dvcmQ6
C: [Base64-encoded password]
S: 235 2.7.0 Authentication successful

C: MAIL FROM:
S: 250 2.1.0 Sender  OK

C: RCPT TO:
S: 250 2.1.5 Recipient  OK

C: DATA
S: 354 Start mail input; end with .

C: Subject: Test Email
C: 
C: Hi Bob, this is a test email.
C: .
S: 250 2.0.0 OK: queued as 12345

C: QUIT
S: 221 2.0.0 Bye

[Connection closed]

Python Code

Run a real SMTP session on your machine with Python! Our guide includes a sample code snippet that shows the major SMTP commands in operation, from STARTTLS to DATA. This hands-on approach is ideal for individuals who prefer to learn by doing, since it provides a unique opportunity to observe SMTP commands at operation.

import smtplib
import base64
from email.mime.text import MIMEText

# SMTP server configuration
smtp_server = "server.example.com"
smtp_port = 587  # Port for STARTTLS
username = "alice@example.com"
password = "your_password"  # Replace with the actual password

# Email content
sender_email = "alice@example.com"
recipient_email = "bob@example.com"
subject = "Test Email"
body = "Hi Bob, this is a test email."

# Create a secure SSL context and connect to server
context = smtplib.ssl.create_default_context()
with smtplib.SMTP(smtp_server, smtp_port) as server:
    # EHLO command
    server.ehlo()

    # STARTTLS command
    server.starttls(context=context)
    server.ehlo()

    # AUTH LOGIN command
    server.login(username, password)

    # MAIL FROM command
    server.mail(sender_email)

    # RCPT TO command
    server.rcpt(recipient_email)

    # DATA command
    msg = MIMEText(body)
    msg["Subject"] = subject
    msg["From"] = sender_email
    msg["To"] = recipient_email
    server.sendmail(sender_email, recipient_email, msg.as_string())

    # QUIT command
    server.quit()

Unfortunately, the offered sample Python code for SMTP sessions might not function well with major Email Service Providers such as Gmail, Yahoo, and Outlook because of several key factors regarding email security and sender reputation.

SPF (Sender Policy Framework) is a security measure designed to prevent sender address spoofing. It enables the email receiver to make sure that incoming mail from a domain originates from a server authorised by the domain's administration. Without sufficient SPF records, emails sent using the script may be refused or designated as spam. You can learn more about SPF by clicking here.

DKIM (DomainKeys Identified Mail) is a cryptographic authentication method that validates a domain name's identity connected with a message. Emails without DKIM signatures may not be trusted by certain providers, resulting in delivery difficulties or being flagged as spam.

DMARC (Domain-based Message Authentication, Reporting, and Conformance): DMARC expands on the SPF and DKIM protocols by instructing the receiving mail server on how to handle emails that fail SPF and DKIM checks. Without DMARC, major providers' processing and delivery of emails may be inconsistent.

Starting 2024, these are the minimum requirements to send emails to Gmail and Yahoo. Here's more details on that: Optimising SMTP Email Deliverability With New Authentication Requirements: A Complete 2024 Guide

Static IP and IP Reputation: Major email providers frequently examine or block email traffic from dynamic IP addresses or IPs with a poor reputation (for transmitting spam). Using a static IP address with a strong reputation can dramatically boost email delivery.

Email Volume and Sending Practices: Sending a huge number of emails from a new or unfamiliar server may activate spam filters. Email providers monitor such behaviours and may ban or limit the delivery of suspicious emails.

To send emails through these providers using a script, make sure that the sending server and domain are properly configured for SPF, DKIM, and DMARC. Furthermore, utilising a respectable IP address and following excellent email sending procedures are critical for building a solid sender reputation and achieving consistent email delivery.

This is why using an SMTP relay service such as Maileroo is important. They handle all the intricate details behind the SMTP and let you send emails with a simple and easy to use Email API!

Using Telnet to Send SMTP Commands

Sending SMTP commands using Telnet is a traditional approach for testing and understanding the SMTP email sending process. This approach enables you to manually submit SMTP commands and observe real-time responses from the mail server, giving you a clear perspective of the email delivery process.

To begin with, make sure that you have telnet installed and then open command prompt or console on your machine, and initiate a SMTP session by executing the following command below.

telnet gmail-smtp-in.l.google.com 25

And, then start sending SMTP commands to the server, just like you're talking to a friend!

To summarise, understanding SMTP commands and their implementation, whether via Telnet, Python scripting, or other means, is critical for anyone working with email technologies.

Areeb Majeed is the co-founder of Maileroo. With a background in technology, Areeb plays a key role in shaping the company's technical strategy and overseeing its implementation.