Email (SMTP.domain.com vs mail.domain.com?)

0

This might be a stupid question but I couldn't find any answers online. From what I know, IMAP/POP is used to receive emails and SMTP is used to send emails. For example, I set up one with ZOHO and the incoming server has the format imap.zoho.com and the outgoing server is smtp.zoho.com.

Now my friend had someone previously set up an email server for him but his outgoing and incoming servers are both "mail.domain_name.com". I did a port scan on his domain name and IMAP, POP, and SMTP ports are all open.

1) What's the difference between imap/smtp.*domain_name.com and mail.*domain_name.com?

2) If the ports are open why can't he access the imap and smtp mail servers?

Thanks in advance

Ben

Posted 2017-07-04T19:38:19.370

Reputation: 3

This sounds too broad without knowing the specifics about the email server and its configurations. The IMAP, SMTP, etc. are protocols that use specific ports which are configurable (can be changed) with or without TLS/SSL security. The name of the DNS record/pointer for the actual public IP address it points to doesn't really matter as long as those connecting know what DNS name to plug in for the IMAP, SMTP, etc. protocols they use. I'd look at the server configuration and be sure you are connecting with the correct TLS/SSL settings as well, as that may be the connection issue you are having. – Pimp Juice IT – 2017-07-04T19:51:59.330

You can call your mail server by whatever name you choose. – DavidPostill – 2017-07-04T20:47:39.657

Answers

0

The host name you use as part of the fully qualified domain name (FQDN) is arbitrary. Some Internet Service Providers (ISPs) may use smtp.example.com for their server that handles outgoing email via the Simple Mail Transfer Protocol (SMTP) and imap.example.com and pop.example.com for servers that allow users to download email via the Internet Message Access Protocol (IMAP) and the Post Office Protocol (POP) respectively. But they could pick any names they like, e.g., a.example.com, b.example.com, c.example.com or all three protocols can be supported on one server which they could name alice.example.com or mail.example.com.

Even though the well-known ports may be open on the server, i.e., TCP ports 25 (SMTP), 110 (POP3), 143 (IMAP), or 993 for IMAPS for encrypted IMAP access, or 995 for POP3S, which uses encrypted connectivity, instead of the unencrypted POP3 connections, that doesn't indicate that your friend can access those ports on that server. I wouldn't expect his ISP to block outgoing connections to ports 110 and 143, but it is common for ISPs to block outgoing connections to port 25, except for their own email servers.

The reason they do that is malware purveyors have often written their software so that it spreads itself from an infected system by scanning the system for email addresses, picking one to use as the "from" address and then sending email out to the other addresses via SMTP. Since the "from" address has been spoofed, recipients won't know the true origination point of the malware and are more likely to open messages containing malware attachments if they recognize the "from" address as belonging to someone they know. Other malware developers have written malware that infects systems, often those belonging to home users, setting up those systems as SMTP servers. They then sell access to those systems to spammers. That allows spammers to send their email from, potentially, thousands of systems, making anti-spam measures that block on particular IP addresses known to be transmitting spam less effective, because they can send their spam from thousands of IP addresses that can be frequently changing. As a result, many ISPs, in an effort to prevent IP addresses they've assigned to their users from being used as spam/malware distribution points, force users to route outgoing email through the ISP's mail servers which can check outgoing email for malware and spam.

Your friend could check on whether ports are blocked outbound from his system by trying to connect to those same ports on publicly accessible mail servers provided by companies such as Google using telnet, which is a utility commonly found on Mac OS X or Linux systems. Telnet is also available from Microsoft for Microsoft Windows systems, but has to be installed. Or one can use the free PuTTY program, which supports both telnet and Secure Shell (SSH) on Microsoft Windows systems.

He could try telnet gmail-smtp-in.l.google.com 25. The Google email server should respond as shown below. He can type quit if he gets the expected response from the Google Gmail server.

$ telnet gmail-smtp-in.l.google.com 25
Trying 209.85.144.26...
Connected to gmail-smtp-in.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP 4si18502847qkf.19 - gsmtp

If he gets the 220 mx.google.com ESMTP response from the server, then his ISP isn't blocking outgoing connections on port 25 to other SMTP servers. If he can't establish the connection, then port 25 is likely blocked by the ISP to all but its own mail servers.

If he can get access to the Gmail server on port 25, he could use telnet to test access to his own email server and enter SMTP commands that an email client would normally submit to an SMTP server.

He could also try telnet pop.gmail.com 993 and telnet pop.gmail.com 995 to test whether there may be firewalls between him and mail servers on the Internet blocking access for POP3S and IMAPS. I wouldn't expect ISPs to block those ports for home users, but if he is on a corporate network, the corporation might have firewalls blocking access to outside email servers. If there are no such blocks, he should see the following two lines displayed in both cases:

Connected to pop.gmail.com.
Escape character is '^]'.

Hitting Ctrl-C will return him to the command prompt.

moonpoint

Posted 2017-07-04T19:38:19.370

Reputation: 4 432
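
The telnet checks described in the answer above, scripted as an added example (not part of the original answer). The names `probe`, `check_host` and `start_fake_server` are chosen here, and the local listener and its banner are constructed so the demo runs offline. Unlike plain telnet, it completes the TLS handshake on 993/995, so the IMAPS/POP3S greeting can be read, and it separates a refused connection from one that gets no reply at all.

```python
import socket
import ssl
import threading

# Ports named in the answer; 993/995 expect a TLS handshake before any banner.
MAIL_PORTS = {25: "SMTP", 110: "POP3", 143: "IMAP", 993: "IMAPS", 995: "POP3S"}
IMPLICIT_TLS = {993, 995}

def probe(host, port, timeout=5.0, tls=None):
    """Like `telnet host port`: return (status, first banner line).
    'refused' = nothing listening; 'filtered' = no reply (firewall/ISP block)."""
    use_tls = port in IMPLICIT_TLS if tls is None else tls
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused", ""
    except socket.timeout:
        return "filtered", ""
    except OSError as exc:  # DNS failure, no route to host, ...
        return "error", str(exc)
    try:
        if use_tls:  # certificate and host name are verified against system CAs
            sock = ssl.create_default_context().wrap_socket(sock, server_hostname=host)
        banner = sock.recv(512).decode("ascii", "replace")
    except socket.timeout:
        banner = ""  # connected, but the server sent nothing in time
    except OSError as exc:  # includes ssl.SSLError
        banner = "connected, but handshake/read failed: %s" % exc
    finally:
        sock.close()
    return "open", banner.splitlines()[0] if banner else ""

def check_host(host, timeout=5.0):
    """Probe every mail port on one host, e.g. check_host('mail.example.com')."""
    return {name: probe(host, port, timeout) for port, name in MAIL_PORTS.items()}

def start_fake_server(banner=b"220 mail.example.com ESMTP constructed-test-banner\r\n"):
    """Constructed local listener standing in for a mail server; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        conn.sendall(banner)
        conn.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    print(probe("127.0.0.1", start_fake_server(), tls=False))
```

A TLS handshake failure on 993/995 (for example a certificate that does not match the host name) is reported as `open` with the error text, which still shows the port is reachable.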