If your question is what SMTP port should I use, the short answer is:

  • use 587 with STARTTLS for most application senders
  • use 465 only if provider requires implicit TLS
  • use 2525 as alternate submission port when supported
  • avoid 25 for app submission in most cloud setups

Fast decision table

SituationRecommended port
Standard authenticated app sending587
Provider explicitly requires SMTPS465
587 blocked by network/provider2525
Server-to-server relay use case25

Why 587 is usually the default

Port 587 is designed for authenticated message submission and supports STARTTLS upgrade.

This usually provides better compatibility for app senders than relying on port 25.

TLS pairing rules to avoid mistakes

  • 587 -> STARTTLS
  • 465 -> implicit TLS
  • 25 -> relay scenarios, often restricted for application egress

Related references:

Validate before production rollout

Use this sequence:

  1. Validate connection and TLS negotiation.
  2. Validate SMTP auth and sender policy posture.
  3. Validate inbox outcomes with real receive-side assertions.

Recommended workflow pages:

FAQ

Can I always use port 25?

Usually no for app-level submission. Many providers and networks restrict it.

Is 2525 an official standard port?

It is commonly supported as an alternate submission port, but support depends on provider.

Why does sending fail only in production?

Production environments often enforce stricter egress, TLS, and auth requirements than local setups.

Next steps