This comes up every day. It makes setting up email less than trivial if it doesn’t work the first time around, or if your email client and server doesn’t support autoconfig / automatic discovery.
There are at least seven combinations of incoming and outgoing settings for email:
Incoming has fairly straightforward terminology and there are four types:
- POP3 “insecure”: 110
- POP3 SSL: 995
- IMAP “insecure”: 143
- IMAP SSL: 993
Outgoing has different terminology and there are three types.
- SMTP “insecure”: 25. The gotcha is if you use your username and password it will be “secure” but not encrypted.
- Port 465 SSL
- Port 587 Submission STARTTLS
This article sums outgoing up nicely:
587 instead of
25 for message submission became popular at around the same time that the importance of using encryption to protect sensitive data became well known and encryption extensions were being defined for SMTP. Port
587, defined specifically for message submission, supported upgrading to a secure connection with STARTTLS.
465 was also defined for SMTP submission, and unlike port
465 specifically supported implicit TLS just like port
993 for IMAP and
995 for POP. At this time, however, the industry had moved on to the expectation that all connections for IMAP, POP, and SMTP would be upgraded securely using STARTTLS instead of the preferred implicit TLS today. For this reason, shortly after port
465 was defined, it was revoked. All clients were expected to move over to use STARTTLS on port