What is an SMTP server and how does it work?

SMTP servers strictly follow protocol to ensure that elec­tron­ic mail reaches the intended re­cip­i­ents. The internet hosts an entire network of these dis­tri­b­u­tion points or relays, which make email com­mu­ni­ca­tion possible in the first place.

What is an SMTP server?

An “SMTP server“ refers to a mail server that submits and forwards emails from a sender to one or more recipient addresses over the internet according to the reg­u­la­tions of the network protocol SMTP. An important function of the SMTP server is the pre­ven­tion of spam through au­then­ti­ca­tion mech­a­nisms, which only allow au­tho­rized users to send emails.

As relays, SMTP servers serve as the essential link in email trans­mis­sion, involving multiple servers: the sender’s outgoing mail server, one or more external for­ward­ing servers, and the recipient’s incoming mail server.

How does an SMTP server work?

Step 1: Connect to the outgoing mail server

After you’ve sent an email, your provider’s webmail ap­pli­ca­tion or your mail program (the SMTP client, also known as “Mail User Agent,” or MUA) converts it into a header and a body and uploads both to the outgoing mail server—an SMTP server. This server has a so-called “Mail Transfer Agent” (MTA), the software foun­da­tion for sending and receiving emails. The MTA checks the email for size and spam, then stores it. To relieve the MTA, a Mail Sub­mis­sion Agent (MSA) is oc­ca­sion­al­ly placed before it to check the email’s validity be­fore­hand. Sub­se­quent­ly, the MTA searches in the Domain Name System (DNS) for the IP address of the receiving mail server.

Step 2: Delivery or for­ward­ing of the email

If the recipient address is connected to the same mail server as the sender address, the email is delivered directly. If not, the MTA breaks it into small data packets, which are forwarded to the des­ti­na­tion SMTP server via the shortest and least traffic-congested route. Along the way, the packets may pass through several MTAs on external SMTP servers (referred to as “relays” in technical jargon), which handle the con­tin­u­ous for­ward­ing.

Step 3: Arrival at the incoming mail server of the recipient address

Upon arrival at the des­ti­na­tion SMTP server, the data packets are re­assem­bled into a complete email. This email is checked for spam once more by the MSA and/or MTA and then trans­ferred to the message storage of the incoming mail server. From there, the Mail Delivery Agent (MDA) sends it to the recipient’s email inbox. After that, other network protocols—either IMAP or POP3—manage down­load­ing the elec­tron­ic mail to the recipient’s SMTP client.

What SMTP mail servers are available?

As a sender, you typically have the option to choose between SMTP servers from different providers to send your emails through the network. Another in­ter­est­ing option is to set up your own server for this purpose.

Publicly available SMTP servers

SMTP servers from es­tab­lished providers are also rec­og­nized as trust­wor­thy by other providers. Ad­di­tion­al­ly, their spam filters are con­sid­ered par­tic­u­lar­ly strong due to the large volumes of data handled. However, with free offers, you usually have to contend with strict lim­i­ta­tions regarding the daily number of emails, the maximum size of at­tach­ments, and mailbox storage space.

The offers are presented by different parties:

• Internet service providers: ISPs often offer an email address with an internet con­nec­tion, which provides access to the company’s own SMTP mail servers.
• Email providers: The most typical way for private in­di­vid­u­als to send emails to friends and family is through the webmail ap­pli­ca­tion of a free email provider like Gmail or Yahoo. The only re­quire­ment is an email address matching the domain, allowing you to use the provider’s SMTP server for personal cor­re­spon­dence. You just need to configure your mailbox with the correct SMTP server address—a list of the most popular providers and their addresses can be found below.
• Hosting providers: Many hosting plans, such as those from IONOS, typically include the use of an SMTP server to handle both internal and external mail traffic.
• Spe­cial­ized providers: Some companies spe­cial­ize in renting SMTP servers. This includes services like Amazon SES and SparkPost, where you can rent the ap­pro­pri­ate hardware if needed.

Own SMTP server

With some basic technical knowledge, it’s also possible to set up your own SMTP server, for example, as part of your own Raspberry Pi mail server using the ap­pro­pri­ate software.

The benefits are clear: no usage re­stric­tions from a provider, full control over all settings, and maximum data sov­er­eign­ty. Ad­di­tion­al­ly, a DIY server is perfect for getting familiar with the in­tri­ca­cies of email traffic. However, there are downsides: due to the dynamic IP address of private internet con­nec­tions, private SMTP servers are often clas­si­fied as spammers by major mail providers. This is a problem that can be solved with a few re­struc­tur­ing measures and/or ad­di­tion­al costs. But if you only want to send emails to another private client, a personal SMTP server is def­i­nite­ly a good al­ter­na­tive.

The ad­van­tages and dis­ad­van­tages of a provider SMTP vs. own SMTP

Below is a summary of the ad­van­tages and dis­ad­van­tages of provider servers compared to self-con­fig­ured servers:

Overview of important SMTP servers

Below is a current list (as of July 2025) of the most important email providers and the addresses of their publicly ac­ces­si­ble SMTP servers:

How to set up an SMTP server using Outlook as an example

To ensure your emails are sent reliably, a correctly con­fig­ured SMTP server is essential. The setup may vary slightly depending on your email provider. Below, we’ll demon­strate how to set up the SMTP server in Outlook.

To set up or change the SMTP server in Outlook, first open Microsoft’s email client and then click the “File” tab. Next, select “Account Settings” and then “Manage Profiles”.

Click on “Email Accounts” to view the list of con­fig­ured mailboxes. If you haven’t set up an address yet, click “New” and enter the address along with the password. Otherwise, select the desired email address and click “Change” to access the POP and IMAP account settings.

Under “Outgoing mail server,” you can now enter the SMTP server of your choice, such as the IONOS SMTP server smtp.ionos.com.

Pro­tec­tive measures for SMTP servers

The security of an SMTP server is crucial to ensure that your sent emails are protected from unau­tho­rized access and ma­nip­u­la­tion. Since the protocol is not in­her­ent­ly secure, various pro­tec­tive measures have been developed over time. In the following sections, you will find some of the most important methods for securing SMTP trans­mis­sions.

Mandatory au­then­ti­ca­tion via SMTP auth

Almost all modern mail servers today require clear au­then­ti­ca­tion of the sender via SMTP Auth (Extended SMTP). This means that only those who log in to the SMTP server with a valid username and the cor­re­spond­ing password are allowed to send emails.

This au­then­ti­ca­tion protects against spam, spoofing, and unau­tho­rized use. It prevents third parties from spec­i­fy­ing arbitrary sender addresses and sending emails through your server. Many providers also use what are called app passwords as part of two-factor au­then­ti­ca­tion—a regular password is no longer suf­fi­cient.

SPF, DKIM, and DMARC entries as fun­da­men­tal re­quire­ments

In addition to au­then­ti­ca­tion via SMTP-Auth, the au­then­tic­i­ty of the domain from which an email orig­i­nates is in­creas­ing­ly being verified. This requires three DNS entries that must be stored in domain man­age­ment:

• SPF (Sender Policy Framework): Specifies which servers are au­tho­rized to send emails on behalf of the domain
• DKIM: Cryp­to­graph­i­cal­ly signs outgoing emails, allowing the receiving server to verify if the message was altered in transit
• DMARC: Specifies how to handle messages that fail SPF and DKIM—for example, reject or move to the spam folder

If these entries are missing or incorrect, it can result in emails being blocked by other servers or clas­si­fied as spam.

Strict sender address policies

Many email providers, including IONOS, have tightened their email sending policies via SMTP servers in recent years. The main focus is on the question of which sender addresses are per­mis­si­ble when sending emails. Back­ground: Spammers and phishing attacks often use fic­ti­tious or fake sender addresses to appear le­git­i­mate.

As a result, only sender addresses that meet the following criteria are allowed for SMTP sending:

• They match the au­then­ti­cat­ed email address (e.g., john@example.com when logged into the server with john@example.com).
• They are ex­plic­it­ly reg­is­tered or verified as an au­tho­rized sender address in the user account (e.g., when sending on behalf of another person or address).

If an un­ver­i­fied address is used as the sender, the SMTP server typically rejects the request and returns an ap­pro­pri­ate error code.

Use ports with en­cryp­tion

Depending on the provider and software used, there are various options for es­tab­lish­ing an encrypted con­nec­tion to the SMTP server. Not only does the en­cryp­tion method (e.g., TLS or STARTTLS) matter, but also the port used. The following overview shows the common variants:

Common SMTP server error messages and their causes

If there is a mis­con­fig­u­ra­tion or con­nec­tion issues, mail programs display the cor­re­spond­ing SMTP error codes. In the following table, we have sum­ma­rized the most important messages.