Email protocols govern how messages are sent, received, and accessed across the internet. Understanding these protocols is key to grasping how email infrastructure functions and where security vulnerabilities might exist.


Simple Mail Transfer Protocol (SMTP)

SMTP is a protocol used to send emails from a client to a mail server, or between mail servers. It operates by default over TCP port 25, though modern configurations prefer port 587 with TLS encryption to enhance security.

How It Works:

  1. Once an email is composed, it is sent to the organization’s outgoing SMTP server.
  2. The SMTP server queries a DNS server to resolve the recipient domain (e.g., dicksonunited.com) into an IP address.
  3. The email is then routed across the internet, potentially passing through multiple SMTP servers.
  4. It finally arrives at the destination mail server, ready to be accessed by the recipient.

Port 25 is still used for server-to-server transmission but is often blocked by ISPs for client submission due to spam concerns. Port 587 with STARTTLS is now the recommended standard for authenticated message submission.
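An added example (not from the original page): a Python check over the EHLO capability replies a submission server on port 587 sends before and after STARTTLS, flagging a server that does not offer STARTTLS or that advertises AUTH while the session is still cleartext. The sample replies, the host mail.example.test, and the function names are constructed for illustration.

```python
from typing import Dict, List, Optional

# Constructed sample EHLO replies (not captured from a real server).
WEAK_PRE = "250-mail.example.test\r\n250-SIZE 52428800\r\n250-AUTH PLAIN LOGIN\r\n250 HELP\r\n"
GOOD_PRE = "250-mail.example.test\r\n250-SIZE 52428800\r\n250-STARTTLS\r\n250 HELP\r\n"
GOOD_POST = "250-mail.example.test\r\n250-SIZE 52428800\r\n250-AUTH PLAIN LOGIN\r\n250 HELP\r\n"


def parse_ehlo(reply: str) -> Dict[str, List[str]]:
    """Parse a multiline 250 EHLO reply into {EXTENSION: [parameters]}."""
    lines = [ln for ln in reply.splitlines() if ln]
    if not lines:
        raise ValueError("empty EHLO reply")
    extensions: Dict[str, List[str]] = {}
    for i, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        # "250-" marks a continuation line, "250 " the final line.
        if code != "250" or sep not in ("-", " "):
            raise ValueError(f"unexpected EHLO line: {line!r}")
        if (sep == " ") != (i == len(lines) - 1):
            raise ValueError("malformed multiline reply")
        if i == 0:
            continue  # first line is the server greeting, not an extension
        # Some servers also send the legacy "AUTH=PLAIN LOGIN" form.
        words = text.replace("=", " ", 1).split()
        if words:
            extensions[words[0].upper()] = words[1:]
    return extensions


def audit_submission(pre_tls: str, post_tls: Optional[str] = None) -> List[str]:
    """Return finding codes for a submission server's EHLO replies."""
    findings = []
    before = parse_ehlo(pre_tls)
    if "STARTTLS" not in before:
        findings.append("no-starttls")        # session cannot be upgraded to TLS
    if "AUTH" in before:
        findings.append("auth-before-tls")    # credentials could be sent in cleartext
    if post_tls is not None and "AUTH" not in parse_ehlo(post_tls):
        findings.append("no-auth-after-tls")  # submission is expected to be authenticated
    return findings


if __name__ == "__main__":
    print("weak server:", audit_submission(WEAK_PRE))
    print("good server:", audit_submission(GOOD_PRE, GOOD_POST))
```

A client applying the same rule would refuse to send credentials until STARTTLS has completed and the server has been asked for its capabilities again.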


Post Office Protocol v3 (POP3)

POP3 is a protocol for retrieving email from a mail server to a local client. It works by downloading messages and, by default, deleting them from the server after retrieval.

Key Characteristics:

POP3 is best suited for single-device access. It's less ideal in environments where users need access across multiple devices.