Email Server Port Scanning: Which Ports to Check & Why (2026)

Why Email Server Ports Matter

Every email you send or receive travels over specific network ports. If the wrong ports are blocked by a firewall, closed on the server, or misconfigured, email delivery fails silently or with cryptic error messages. Port issues are one of the most common causes of email problems — especially after server migrations, firewall changes, or hosting provider switches.

Beyond functionality, port configuration has direct security implications. Running unencrypted email services on legacy ports exposes your organization to credential theft and message interception. Knowing which ports should be open and which should be closed is fundamental to email server hardening.

Complete List of Email Server Ports

Here is every port used by email protocols, what it does, and whether you should have it open:

Port 25 — SMTP (Server-to-Server)

Port 25 is the standard port for SMTP (Simple Mail Transfer Protocol) communication between mail servers. When Gmail sends an email to your server, it connects on port 25. This port must be open on your mail server for inbound email delivery to work. However, most ISPs and cloud providers block outbound port 25 for regular users to prevent spam. Your email server should accept connections on port 25 but your end users should not use it for sending.

Port 587 — SMTP Submission (Client-to-Server)

Port 587 is the designated port for email submission from mail clients (Outlook, Thunderbird, Apple Mail) to your mail server. It requires authentication and supports STARTTLS encryption. This is the port your users should configure in their email clients for sending mail. It is the modern standard and should always be open for authenticated users.

Port 465 — SMTPS (SMTP over SSL/TLS)

Port 465 was originally assigned for SMTP over implicit SSL/TLS. It was briefly deprecated in favor of port 587 with STARTTLS, but was re-assigned by the IETF in 2018 (RFC 8314) as the recommended port for message submission over implicit TLS. Unlike port 587 which starts unencrypted and upgrades via STARTTLS, port 465 is encrypted from the first byte. Many modern email providers support both 587 and 465.

Port 110 — POP3 (Unencrypted)

Port 110 is the default port for POP3 (Post Office Protocol version 3), which allows email clients to download messages from the server. POP3 on port 110 transmits everything in plain text, including usernames and passwords. In 2026, there is no reason to use unencrypted POP3. If you still need POP3 access, use port 995 instead.

Port 995 — POP3S (POP3 over SSL/TLS)

Port 995 provides POP3 access over an encrypted SSL/TLS connection. If your users require POP3 (which downloads and optionally deletes messages from the server), this is the only port that should be used. Note that IMAP is generally preferred over POP3 for most use cases.

Port 143 — IMAP (Unencrypted)

Port 143 is the default port for IMAP (Internet Message Access Protocol), which allows email clients to access messages while keeping them on the server. Like port 110, unencrypted IMAP on port 143 exposes credentials and message content. It supports STARTTLS to upgrade the connection, but implicit TLS on port 993 is preferred.

Port 993 — IMAPS (IMAP over SSL/TLS)

Port 993 provides IMAP access over implicit SSL/TLS encryption. This is the recommended port for email clients to access their mailbox. IMAP keeps messages on the server and supports folders, search, and synchronization across multiple devices — making it the standard choice for modern email access.

SMTP vs IMAP vs POP3 Explained

These three protocols serve different roles in the email ecosystem:

• SMTP (Simple Mail Transfer Protocol) handles sending and relaying email. It is used both between mail servers (port 25) and from clients to servers (ports 587/465). SMTP is a push protocol — it delivers messages outbound.
• IMAP (Internet Message Access Protocol) handles reading email. It synchronizes your mailbox across all your devices, keeping messages stored on the server. Changes you make (read, delete, move) are reflected everywhere. Use ports 993 (TLS) or 143 (STARTTLS).
• POP3 (Post Office Protocol version 3) also handles reading email, but it downloads messages to a single device and typically removes them from the server. It does not support folder synchronization. Use port 995 (TLS) or 110 (STARTTLS). POP3 is largely obsolete for most users but remains in use for specific archival and compliance scenarios.

How to Check If Email Ports Are Open

If email is not working, the first diagnostic step is checking whether the required ports are open and responding. Here is how to do it:

1. Find your mail server. Use our MX Lookup tool to identify the mail servers responsible for your domain.
2. Scan the email ports. Open our Port Scanner tool and enter the mail server hostname. Scan ports 25, 110, 143, 465, 587, 993, and 995.
3. Interpret the results. Open ports accept connections. Closed ports actively refuse connections. Filtered ports do not respond (usually blocked by a firewall).
4. Verify SSL/TLS. For ports that should use encryption (465, 587, 993, 995), use our SSL Checker to verify the certificate is valid and not expired.

Security Implications of Open Ports

Every open port is a potential attack surface. For email servers, security hardening means opening only the ports you need and ensuring encrypted alternatives are always available:

• Disable unencrypted ports when possible. If all your users are configured for encrypted connections, close ports 110 and 143. Force IMAP traffic to port 993 and POP3 to port 995.
• Restrict port 25 access. Port 25 should only accept connections from other mail servers. Block outbound port 25 from user workstations to prevent compromised machines from sending spam directly.
• Enforce STARTTLS on port 587. While port 587 supports STARTTLS upgrade, configure your server to require it rather than making it optional. Reject connections that do not upgrade to TLS.
• Monitor for unauthorized services. Regularly scan your mail servers to ensure no unexpected ports are open. Malware or misconfiguration can open additional ports that create security vulnerabilities.
• Keep certificates current. Expired or self-signed certificates on encrypted ports cause client warnings and can lead users to disable certificate verification, which defeats the purpose of encryption.

Port Scanning Best Practices and Legal Considerations

Port scanning is a legitimate diagnostic tool when used appropriately. However, there are important guidelines to follow:

• Only scan servers you own or have permission to test. Scanning third-party servers without authorization may violate computer fraud and abuse laws in many jurisdictions.
• Use targeted scans. Instead of scanning all 65,535 ports, scan only the specific email ports (25, 110, 143, 465, 587, 993, 995) to minimize network impact and get faster results.
• Document your findings. Keep records of scan results for compliance auditing and to track changes over time. This helps identify when ports are unexpectedly opened or closed.
• Scan regularly. Run port scans after any infrastructure change (firewall updates, server migrations, provider changes) and as part of routine security audits.

Related Tools and Guides

• Port Scanner — Scan any server for open email ports.
• MX Lookup — Find the mail servers responsible for a domain.
• SSL Checker — Verify SSL/TLS certificates on email server ports.
• Domain Health Check — Comprehensive domain and email security analysis.
• Email Authentication Best Practices: SPF, DKIM, DMARC Setup Guide
• How to Check DNS Records for Any Domain