SMTP Complete Guide: What It Is, How It Works, and Best Practices

SMTP is the backbone of email communication on the internet. Every email you send, whether from your personal inbox or a marketing automation platform, relies on SMTP to reach its destination. Understanding how SMTP works is essential for anyone managing email marketing, transactional emails, or business communications.

This comprehensive guide covers everything you need to know about SMTP: from the fundamentals of how it works to advanced authentication methods, provider comparisons, and troubleshooting common issues.

What is SMTP?

SMTP (Simple Mail Transfer Protocol) is the standard communication protocol used to send email across the internet. Developed in 1982, SMTP defines how email messages are transmitted from one server to another, acting as the postal service of the digital world.

When you send an email, SMTP handles the outgoing transmission. It pushes your message from your email client to your mail server, and then from your mail server to the recipient’s mail server. The protocol operates on a set of rules that ensure reliable delivery of messages across different email systems worldwide.

Key Characteristics of SMTP

• Push protocol: SMTP pushes emails from sender to recipient (unlike POP3/IMAP which pull emails)
• Text-based: Commands and responses are human-readable
• Connection-oriented: Uses TCP/IP for reliable transmission
• Store-and-forward: Messages are stored temporarily at intermediate servers before forwarding
• Standardized: RFC 5321 defines current SMTP specifications

SMTP vs. Other Email Protocols

SMTP works alongside POP3 and IMAP. While SMTP sends your outgoing mail, POP3 or IMAP retrieves incoming mail to your inbox. Most email clients use SMTP for sending and IMAP for receiving, providing a complete email experience.

How SMTP Works

Understanding the SMTP process helps you diagnose delivery issues and optimize your email infrastructure. Here is the step-by-step journey of an email from sender to recipient.

The SMTP Communication Process

Step 1: Connection Establishment

Your email client (Mail User Agent) connects to your outgoing mail server (Mail Transfer Agent) via TCP port 25, 587, or 465. A “handshake” occurs where the server identifies itself.

Step 2: SMTP Handshake (HELO/EHLO)

The client initiates communication with a HELO or EHLO command:

Client: EHLO mail.example.com
Server: 250-smtp.provider.com Hello

EHLO (Extended HELO) is the modern version that supports SMTP extensions like authentication and TLS encryption.

Step 3: Sender Identification (MAIL FROM)

The client specifies the sender’s email address:

Client: MAIL FROM:<[email protected]>
Server: 250 OK

Step 4: Recipient Specification (RCPT TO)

The client identifies one or more recipients:

Client: RCPT TO:<[email protected]>
Server: 250 OK

Step 5: Message Data Transfer (DATA)

The actual email content is transmitted:

Client: DATA
Server: 354 Start mail input
Client: Subject: Test Email
Client: From: [email protected]
Client: To: [email protected]
Client:
Client: This is the email body.
Client: .
Server: 250 OK

Step 6: Connection Termination (QUIT)

The session ends gracefully:

Client: QUIT
Server: 221 Bye

The Complete Email Journey

1. Composition: You write an email in your client (Gmail, Outlook, etc.)
2. Submission: Your client connects to your SMTP server
3. DNS Lookup: Your server queries DNS for the recipient’s MX records
4. Transfer: Your server connects to the recipient’s SMTP server
5. Delivery: The recipient’s server accepts the message
6. Storage: The message is stored for the recipient to retrieve via POP3/IMAP

SMTP Ports Explained

Port 587 is the recommended port for sending email from applications and email clients. It requires authentication and supports STARTTLS encryption.

Port 25 was the original SMTP port but is now primarily used for server-to-server communication. Many ISPs block outbound port 25 to prevent spam.

Port 465 was briefly designated for SMTPS (SMTP over SSL) but was reassigned. Some providers still support it for legacy compatibility.

SMTP vs. Email API: Which Should You Use?

Modern applications have two primary options for sending email programmatically: traditional SMTP and HTTP-based Email APIs. Each approach has distinct advantages.

SMTP Approach

With SMTP, your application connects directly to an SMTP server using the protocol described above.

Advantages:

• Universal compatibility with any email-sending library
• Works with existing email infrastructure
• No vendor lock-in to specific API formats
• Simpler setup for basic use cases
• Works in environments with limited HTTP access

Disadvantages:

• More complex error handling
• Limited tracking without additional setup
• Synchronous sending can be slower
• Connection management overhead
• Harder to implement advanced features

Email API Approach

Email APIs use HTTP/REST to send messages, abstracting the underlying SMTP complexity.

Advantages:

• Rich tracking (opens, clicks, bounces) built-in
• Asynchronous sending with webhooks
• Simpler error handling with HTTP status codes
• Advanced features (templates, scheduling) native
• Better analytics and reporting
• Easier integration with modern applications

Disadvantages:

• Vendor-specific implementation
• Requires internet connectivity (not local relay)
• API rate limits may apply
• Learning curve for API-specific features

When to Use SMTP

• Legacy systems: Older applications designed for SMTP
• Simple transactional emails: Basic notifications without tracking needs
• On-premises software: Applications in restricted network environments
• Email client configuration: Desktop or mobile email apps
• WordPress and CMS: Many plugins expect SMTP credentials

When to Use Email API

• Marketing automation: Campaigns requiring detailed analytics
• High-volume sending: Applications sending thousands of emails
• Modern applications: SaaS products with complex email needs
• Advanced features: Template management, A/B testing, dynamic content
• Real-time tracking: When you need immediate delivery feedback

Hybrid Approach

Many organizations use both: SMTP for simple transactional messages from legacy systems, and Email APIs for marketing campaigns and complex automation. Platforms like Brevo support both methods, allowing you to choose based on each use case.

SMTP Authentication Explained

SMTP authentication prevents unauthorized users from sending email through your server. Without authentication, anyone could use your server to send spam, damaging your reputation and deliverability.

Types of SMTP Authentication

SMTP AUTH (RFC 4954)

The standard authentication mechanism requiring username and password before sending.

Client: AUTH LOGIN
Server: 334 VXNlcm5hbWU6
Client: [base64-encoded username]
Server: 334 UGFzc3dvcmQ6
Client: [base64-encoded password]
Server: 235 Authentication successful

Common AUTH mechanisms:

TLS/SSL Encryption

Always use encryption to protect credentials:

• STARTTLS: Upgrades plain connection to encrypted (port 587)
• Implicit TLS: Connection encrypted from start (port 465)

API Keys vs. Passwords

Modern SMTP services often use API keys instead of passwords:

Username: apikey (literal string)
Password: your-api-key-here

API keys are preferable because they can be rotated without changing account passwords and can have limited permissions.

Setting Up SMTP Credentials

When configuring an application to send email via SMTP, you typically need:

1. SMTP Host: The server address (e.g., smtp.brevo.com)
2. SMTP Port: Usually 587 for authenticated submission
3. Username: Your account email or API key identifier
4. Password: Your account password or API key
5. Encryption: TLS/STARTTLS enabled

Example configuration for Brevo SMTP:

Host: smtp-relay.brevo.com
Port: 587
Username: [email protected]
Password: your-smtp-key
Encryption: STARTTLS

Email Authentication: SPF, DKIM, and DMARC

Beyond SMTP authentication (proving you can use the server), email authentication protocols verify that emails genuinely come from the claimed sender. These DNS-based mechanisms protect against spoofing and phishing.

SPF (Sender Policy Framework)

SPF specifies which IP addresses and servers are authorized to send email for your domain.

How SPF Works:

1. You publish SPF records in your domain’s DNS
2. When receiving a server gets your email, it checks SPF
3. If the sending IP matches your SPF record, the email passes
4. If not, the email may be marked as spam or rejected

SPF Record Example:

v=spf1 include:spf.brevo.com include:_spf.google.com -all

This record allows Brevo and Google to send email for your domain, and rejects all other senders (-all).

SPF Syntax:

SPF Best Practices:

• Use -all (hard fail) once confident in your configuration
• Keep under 10 DNS lookups to avoid permerror
• Include all legitimate sending sources
• Test with SPF validators before deploying

DKIM (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to your emails, proving they were not modified in transit and came from your domain.

How DKIM Works:

1. Your email server signs outgoing messages with a private key
2. You publish the corresponding public key in DNS
3. Receiving servers verify the signature using your public key
4. Valid signatures confirm message integrity and origin

DKIM DNS Record Example:

brevo._domainkey.example.com IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4..."

The selector (brevo) identifies which key to use, allowing multiple services to send with different DKIM keys.

DKIM Components:

DKIM Best Practices:

• Use 2048-bit RSA keys (minimum 1024-bit)
• Rotate keys periodically
• Sign important headers (From, Subject, Date)
• Test signatures before full deployment

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

DMARC builds on SPF and DKIM, adding policies for handling authentication failures and reporting capabilities.

How DMARC Works:

1. You publish a DMARC policy in DNS
2. Receiving servers check SPF and DKIM alignment
3. Failed emails are handled according to your policy
4. Reports are sent to you about authentication results

DMARC DNS Record Example:

_dmarc.example.com IN TXT "v=DMARC1; p=quarantine; rua=mailto:[email protected]; pct=100"

DMARC Policies:

DMARC Implementation Path:

1. Start with p=none: Monitor without affecting delivery
2. Analyze reports: Identify legitimate sources failing authentication
3. Fix issues: Add missing SPF includes, configure DKIM
4. Move to p=quarantine: Start protecting with soft enforcement
5. Progress to p=reject: Maximum protection once confident

DMARC Best Practices:

• Start with p=none and rua (aggregate reports)
• Monitor reports for 2-4 weeks before enforcing
• Ensure all legitimate senders pass SPF or DKIM with alignment
• Gradually increase pct (percentage) when enforcing

Authentication Alignment

DMARC requires “alignment” between the domain in the From header and the domains passing SPF/DKIM:

• SPF Alignment: Return-Path domain matches From domain
• DKIM Alignment: DKIM signing domain matches From domain

This prevents attackers from using your SPF/DKIM infrastructure to send spoofed emails.

Best SMTP Services and Providers

Choosing the right SMTP provider impacts deliverability, cost, and features. Here are the leading options for 2026.

Brevo (formerly Sendinblue)

Best for: E-commerce, transactional and marketing email combined

Brevo offers both SMTP relay and API access with competitive pricing. Its strength lies in combining transactional email with marketing automation, CRM, and multi-channel communication (SMS, WhatsApp).

SMTP Configuration:

Host: smtp-relay.brevo.com
Port: 587
Authentication: Required
Encryption: STARTTLS

When using Tajo to integrate your Shopify store with Brevo, you get automatic customer data synchronization alongside reliable SMTP delivery for transactional emails like order confirmations, shipping notifications, and receipts.

Amazon SES (Simple Email Service)

Best for: High-volume senders with AWS infrastructure

Amazon SES offers extremely low pricing for high volumes and integrates seamlessly with other AWS services.

Considerations:

• Requires technical expertise to configure properly
• Reputation management is your responsibility
• Best suited for developers comfortable with AWS

SendGrid (Twilio)

Best for: Developers needing robust APIs and scalability

SendGrid provides developer-friendly APIs with excellent documentation and scalability for growing businesses.

Mailgun

Best for: Transactional email with detailed logging

Mailgun focuses on transactional and developer use cases with powerful log searching and validation features.

Postmark

Best for: Transactional email requiring fastest delivery

Postmark specializes in transactional email with industry-leading delivery speeds and strict anti-spam policies.

Provider Comparison Summary

Choosing the Right Provider

Consider these factors:

1. Volume: How many emails per month?
2. Type: Marketing, transactional, or both?
3. Technical resources: Can you manage complex setups?
4. Features needed: Templates, analytics, A/B testing?
5. Budget: What is your monthly email budget?
6. Integration: What systems need to connect?

For e-commerce businesses using Shopify with marketing automation needs, Brevo combined with Tajo provides a complete solution: customer data synchronization, transactional email, marketing campaigns, and multi-channel communication in one integrated stack.

How to Set Up SMTP

Setting up SMTP varies depending on your use case. Here are guides for common scenarios.

Setting Up SMTP in WordPress

Most WordPress sites need SMTP for reliable email delivery. The default PHP mail() function often fails or lands in spam.

Step 1: Install an SMTP Plugin

Popular options:

• WP Mail SMTP
• Post SMTP
• Easy WP SMTP

Step 2: Configure the Plugin

Using WP Mail SMTP with Brevo:

From Email: [email protected]
From Name: Your Site Name
Mailer: Other SMTP
SMTP Host: smtp-relay.brevo.com
Encryption: TLS
SMTP Port: 587
Authentication: On
SMTP Username: [email protected]
SMTP Password: your-brevo-smtp-key

Step 3: Test the Connection

Send a test email to verify configuration. Check spam folders if the test email does not arrive.

Setting Up SMTP in Applications

For custom applications, use your programming language’s email library.

Node.js (Nodemailer):

const nodemailer = require('nodemailer');

const transporter = nodemailer.createTransport({
  host: 'smtp-relay.brevo.com',
  port: 587,
  secure: false,
  auth: {
    user: '[email protected]',
    pass: 'your-smtp-key'
  }
});

await transporter.sendMail({
  from: '[email protected]',
  to: '[email protected]',
  subject: 'Test Email',
  text: 'Hello from Node.js!'
});

Python (smtplib):

import smtplib
from email.mime.text import MIMEText

smtp_server = "smtp-relay.brevo.com"
port = 587
username = "[email protected]"
password = "your-smtp-key"

msg = MIMEText("Hello from Python!")
msg['Subject'] = "Test Email"
msg['From'] = "[email protected]"
msg['To'] = "[email protected]"

with smtplib.SMTP(smtp_server, port) as server:
    server.starttls()
    server.login(username, password)
    server.send_message(msg)

PHP (PHPMailer):

use PHPMailer\PHPMailer\PHPMailer;

$mail = new PHPMailer(true);
$mail->isSMTP();
$mail->Host = 'smtp-relay.brevo.com';
$mail->SMTPAuth = true;
$mail->Username = '[email protected]';
$mail->Password = 'your-smtp-key';
$mail->SMTPSecure = 'tls';
$mail->Port = 587;

$mail->setFrom('[email protected]', 'Sender Name');
$mail->addAddress('[email protected]');
$mail->Subject = 'Test Email';
$mail->Body = 'Hello from PHP!';

$mail->send();

Setting Up DNS Records

Before sending, configure authentication DNS records.

Step 1: Add SPF Record

Create a TXT record at your domain root:

Type: TXT
Host: @
Value: v=spf1 include:spf.brevo.com ~all

If you have existing SPF, add the include statement:

v=spf1 include:spf.brevo.com include:_spf.google.com ~all

Step 2: Add DKIM Record

Create a TXT record with the selector from your provider:

Type: TXT
Host: brevo._domainkey
Value: v=DKIM1; k=rsa; p=[your-public-key]

Step 3: Add DMARC Record

Start with monitoring mode:

Type: TXT
Host: _dmarc
Value: v=DMARC1; p=none; rua=mailto:[email protected]

Step 4: Verify Configuration

Use tools like:

• MXToolbox (mxtoolbox.com)
• Mail Tester (mail-tester.com)
• DMARC Analyzer

Common SMTP Errors and Fixes

SMTP errors follow a standardized numbering system. Understanding these codes helps diagnose delivery issues quickly.

SMTP Error Code Categories

Common SMTP Errors and Solutions

421 Service Not Available

The server is temporarily unable to process requests.

Causes:

• Server overload
• Maintenance window
• Connection limits reached

Solutions:

• Wait and retry
• Check provider status page
• Implement retry logic with backoff

450 Mailbox Unavailable

Temporary issue with the recipient mailbox.

Causes:

• Mailbox full
• Server policy restriction
• Greylisting

Solutions:

• Retry after delay
• Greylisting resolves on second attempt
• Contact recipient if persistent

451 Local Error

Processing error at the receiving server.

Causes:

• Server configuration issue
• Resource exhaustion
• Temporary policy block

Solutions:

• Retry with exponential backoff
• Check if your IP is temporarily blocked
• Wait for server recovery

500 Syntax Error

Command not recognized.

Causes:

• Malformed SMTP commands
• Unsupported extensions
• Encoding issues

Solutions:

• Check command syntax
• Ensure proper line endings (CRLF)
• Verify client compatibility

501 Syntax Error in Parameters

Command recognized but parameters invalid.

Causes:

• Invalid email address format
• Missing required parameters
• Encoding problems

Solutions:

• Validate email addresses before sending
• Check for special characters
• Review parameter formatting

550 Mailbox Not Found

Recipient address does not exist.

Causes:

• Typo in email address
• Account deleted
• Domain does not accept email

Solutions:

• Verify recipient address
• Remove from list (hard bounce)
• Implement email validation

551 User Not Local

Recipient is not on this server.

Causes:

• Email forwarding required
• Wrong server contacted
• Outdated MX records

Solutions:

• Check MX record resolution
• Follow forwarding instructions
• Update DNS cache

552 Message Too Large

Email exceeds size limits.

Causes:

• Large attachments
• Recipient server limits
• Inline images too large

Solutions:

• Compress or remove attachments
• Use file sharing links instead
• Check recipient’s size limits

553 Mailbox Name Invalid

Address format rejected.

Causes:

• Invalid characters in address
• Malformed domain
• Policy restrictions

Solutions:

• Validate email format
• Check for typos
• Use RFC-compliant addresses

554 Transaction Failed

General rejection, often spam-related.

Causes:

• Spam filter triggered
• Blacklisted sender IP
• Content policy violation
• Missing authentication

Solutions:

• Check blacklist status
• Review email content
• Verify authentication (SPF, DKIM, DMARC)
• Check sender reputation

Diagnosing SMTP Issues

Step 1: Check Error Messages

Log complete SMTP responses, not just codes. The text after the code provides context.

Step 2: Test Connectivity

Verify you can connect to the SMTP server:

telnet smtp-relay.brevo.com 587

Or use openssl for TLS:

openssl s_client -starttls smtp -connect smtp-relay.brevo.com:587

Step 3: Verify Authentication

Test credentials independently from your application using a mail client or command-line tool.

Step 4: Check DNS

Verify your authentication records:

dig TXT yourdomain.com
dig TXT _dmarc.yourdomain.com
dig TXT selector._domainkey.yourdomain.com

Step 5: Review Blacklists

Check if your sending IP is blacklisted:

• MXToolbox Blacklist Check
• Spamhaus
• Barracuda Reputation

SMTP Best Practices

Follow these practices to maximize deliverability and maintain a good sender reputation.

Authentication

• Always use SMTP AUTH: Never run an open relay
• Enable TLS: Encrypt all connections (STARTTLS on port 587)
• Use API keys: Prefer API keys over account passwords
• Rotate credentials: Change keys periodically
• Implement all three: SPF, DKIM, and DMARC together

Sending Practices

• Warm up new IPs: Gradually increase volume on new sending IPs
• Consistent sending: Maintain regular sending patterns
• List hygiene: Remove bounces and unengaged subscribers
• Honor unsubscribes: Process opt-outs immediately
• Monitor reputation: Track sender scores and blacklist status

Technical Implementation

• Handle bounces: Process and categorize bounce notifications
• Implement retry logic: Use exponential backoff for temporary failures
• Log everything: Keep detailed logs for troubleshooting
• Monitor delivery: Track delivery rates and latency
• Use connection pooling: Reuse connections for efficiency

Content Guidelines

• Avoid spam triggers: Watch for common spam phrases
• Balance text and images: Do not send image-only emails
• Include unsubscribe links: Required by law in most jurisdictions
• Use recognizable sender names: Recipients should know who you are
• Test before sending: Check spam scores before campaigns

Frequently Asked Questions

What is the difference between SMTP and email hosting?

SMTP is specifically for sending email. Email hosting includes both sending (SMTP) and receiving (POP3/IMAP) along with storage and management. You can use third-party SMTP services while hosting your email elsewhere.

Can I use Gmail SMTP for my business?

Gmail offers SMTP access but with limitations. The free tier allows 500 emails per day, and Google Workspace increases this to 2,000. For higher volumes or better deliverability control, dedicated SMTP services like Brevo are recommended.

Why are my emails going to spam?

Common causes include:

• Missing or misconfigured SPF/DKIM/DMARC
• Sending from a new IP without warmup
• Poor sender reputation
• Spam-like content
• Sending to invalid addresses
• High complaint rates

Check authentication first, then review content and sending practices.

What is the best SMTP port to use?

Port 587 is recommended for client-to-server email submission. It requires authentication and supports STARTTLS encryption. Port 25 is for server-to-server relay and is often blocked by ISPs.

How many emails can I send via SMTP?

Limits depend on your provider:

• Gmail: 500-2,000/day
• Brevo free: 300/day
• Amazon SES: 50,000/day (with approval)
• Dedicated services: Often unlimited with pricing tiers

Do I need a dedicated IP for SMTP?

Not always. Shared IPs work well for moderate volumes with good practices. Dedicated IPs benefit high-volume senders (100,000+ monthly) who want full control over their reputation. Most providers offer dedicated IPs as an upgrade option.

What is SMTP relay?

SMTP relay is when your email server forwards messages through another server for delivery. This is useful when your local server cannot send directly (blocked ports, poor reputation) or when using a service like Brevo for better deliverability.

How do I test my SMTP configuration?

Use these methods:

1. Send test emails through your application
2. Use online tools like Mail Tester to check authentication
3. Connect manually via telnet or openssl
4. Check provider dashboards for delivery logs
5. Send to test addresses that report authentication results

What happens if SPF or DKIM fails?

Without DMARC, failing SPF/DKIM may cause emails to be flagged but not necessarily rejected. With DMARC set to quarantine or reject, failures will result in spam placement or blocking. Always monitor DMARC reports to catch authentication issues.

Can SMTP handle attachments?

Yes. SMTP transmits attachments encoded in the email body (typically base64 encoding for binary files). However, large attachments may hit server size limits. For files over a few MB, consider using cloud storage links instead.

Conclusion

SMTP remains the fundamental protocol powering email communication worldwide. Whether you are sending transactional notifications, marketing campaigns, or internal communications, understanding SMTP helps you build reliable email infrastructure.

Key takeaways from this guide:

• SMTP is the sending protocol: It pushes email from sender to recipient servers
• Authentication is essential: Use SMTP AUTH, TLS, and implement SPF/DKIM/DMARC
• Choose the right provider: Match provider capabilities to your volume and needs
• Monitor and maintain: Track deliverability, handle bounces, and maintain list hygiene
• SMTP vs API: Use SMTP for compatibility, APIs for advanced features

For e-commerce businesses, combining a reliable SMTP provider like Brevo with proper customer data integration ensures your transactional emails reach customers while your marketing campaigns drive engagement. Tajo’s Shopify integration synchronizes your customer data with Brevo automatically, giving you the foundation for effective email communication across both transactional and marketing use cases.

Ready to improve your email deliverability? Start by auditing your current authentication setup using the SPF, DKIM, and DMARC guidelines in this guide, then consider whether your current provider meets your needs for volume, features, and reliability.

Related Articles

• Email Marketing Campaigns: The Complete Guide to Planning, Executing, and Optimizing
• Email Marketing Strategy: Complete Planning & Execution Guide [2025]
• Email Marketing for Small Business: The Complete Guide (2026)
• Email Marketing ROI: How to Calculate, Track & Improve Returns [2025]
• Email Marketing for Beginners: The Complete Getting Started Guide (2026)