SMTP (Simple Mail Transfer Protocol) is the standard protocol for sending email across networks.

If you are searching for "smtp protocol", "smtp commands", or "smtp commands and responses", this guide gives you the practical model and troubleshooting path.

Quick answer: what is SMTP protocol?

SMTP is a command/response protocol. A client sends commands like , , , and , and the server returns status codes such as , , , or .

How SMTP works step by step

  1. Client opens a TCP connection to an SMTP server.
  2. Server responds with greeting ().
  3. Client identifies itself with .
  4. Client negotiates TLS/auth if required.
  5. Client sends envelope sender and recipients.
  6. Client sends message content after .
  7. Server queues message for delivery and returns status.

Session example:

Core SMTP commands

CommandPurpose
Identifies client and requests ESMTP capabilities
Legacy SMTP greeting
Defines envelope sender
Adds recipient
Starts message body transfer
Resets active transaction
Keep-alive/no operation
Closes SMTP session
Starts SMTP authentication

For auth detail, read SMTP authentication explained.

SMTP response codes you should know

success

  • : service ready
  • : authentication successful
  • : requested action completed

temporary failure

  • retry later
  • often related to transient policy, network, or mailbox state

permanent failure

  • fix configuration, auth, sender identity, or recipient data
  • common examples: auth failed, relay denied/mailbox unavailable

SMTP ports and when to use them

PortTypical use
Authenticated submission with STARTTLS (best default)
Implicit TLS submission
Server-to-server relay, often blocked for app clients
Alternate submission port offered by some providers

See also: Which SMTP port should I use?

SMTP vs IMAP vs POP3

  • SMTP: send/submit email
  • IMAP: read/sync mailbox state
  • POP3: download mailbox messages

Most applications use SMTP for outbound delivery and IMAP/POP3 only when mailbox retrieval is needed.

Secure SMTP setup checklist

  1. Use + STARTTLS (or TLS)
  2. Require SMTP AUTH (or OAuth where required)
  3. Configure SPF, DKIM, and DMARC
  4. Use dedicated sender identities and monitored bounce paths
  5. Log SMTP transcripts for incident debugging

For security deep dive: SMTP encryption and STARTTLS.

Test SMTP behavior in CI and staging

Protocol success is not enough. Validate end-to-end behavior:

  • message arrival and latency
  • header/body correctness
  • OTP and verification link parsing
  • bounce and retry handling

MailSlurp helps teams create inboxes on demand and assert delivery in tests. Start with email integration testing and sending emails in code.

Production SMTP operations checklist

Use this checklist to reduce incident rate in high-volume SMTP workflows:

  1. Validate templates and recipient logic in an email sandbox.
  2. Add release-gate assertions with email integration testing.
  3. Track delivery and bounce lifecycle with email webhooks.
  4. Route retries and fallback paths through email automation routing.
  5. Continuously run deliverability tests and DMARC monitoring.

This closes the gap between protocol correctness and real inbox reliability.

FAQ

Is SMTP only for sending?

Yes. SMTP handles outbound transfer/submission, not mailbox retrieval.

What is ESMTP?

ESMTP is extended SMTP, adding capabilities like auth and STARTTLS, advertised via .

Why do SMTP emails fail even when code looks correct?

Most failures are policy or config issues: auth mode mismatch, wrong port/TLS mode, sender identity misconfiguration, or domain authentication gaps.

Final take

SMTP is simple in concept but operationally sensitive. Teams that understand command flow, auth, and response codes can diagnose failures faster and improve delivery reliability.