As a person learns more about how mail clients, SMTP servers, and the whole online mail system works, they may be curious as to why an intermediate SMTP server is even needed. With that in mind, today’s SuperUser Q&A post has the answers to a curious reader’s questions.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
Photo courtesy of David Schroeder (Flickr).
SuperUser reader Tobia wants to know why an intermediate SMTP server is needed to send mail:
Why do I need an intermediate SMTP server to send mail? Why is my mail client (Outlook or Thunderbird) unable to send messages directly to the recipient’s SMTP domain?
For example, if I have to send mail to firstname.lastname@example.org with my Gmail account, I send it to the smtp.gmail.com server; then this server sends my message to the MX server of example.com.
Why is an intermediate SMTP server needed to send mail?
SuperUser contributor davidgo has the answer for us:
It is technically possible to send mail directly to the recipient’s SMTP server from your computer.
Looking at it from a historical basis, if the remote SMTP server is down, you want a system to automatically handle it and keep retrying, hence you have an SMTP server. Similarly, in the old days, not all mail servers were connected all the time (long distance links were expensive), so mail would be queued and sent when a link was established.
Moving on to where Internet services are cheap, it is still useful to have mechanisms to retry sending mail if a server is unavailable. It is not ideal for this functionality to be written into the MUA (Mail user agent/end user mail program). These functions fit into an MTA (Mail server/SMTP server).
But it gets worse—spammers. Most mail (more than 80 percent) is spam. Mail providers do whatever they can to reduce this problem and a large number of techniques make assumptions about the way mail is delivered. The following are important considerations:
1. Greylisting: Some providers will automatically drop a mail connection if the sender and recipient have not communicated before and expect them to try a second time. Spammers often do not retry while an SMTP server is always supposed to. This reduces the volume of spam by about 80 percent, but it sucks to have to do this though.
2. Reputation: It is a lot more likely that someone sending mail through a reputable, known SMTP server is legit compared to a fly-by-night server. To get a feel for reputation, providers do a number of things:
- Block dynamic/client addresses (not 100 percent, but large chunks of the Internet have been mapped out).
- Check to see if the reverse DNS matches the forward DNS. Not very hard to do, but it shows some level of accountability and knowledge of best practices (something a lot of client address blocks do not have).
- Check for reputation. When communicating with other SMTP servers, a lot of providers keep track of the amount of spam and volume of mail sent. They can reduce the amount of spam by limiting connections and keeping an eye on these parameters. There are a lot of ways this is done, not all of them obvious, but which require a known sender.
- SPF and DKIM. These mechanisms tie DNS resources to the domain name to make forging mail harder and would be difficult, but not necessarily impossible to deploy if the mail program (MUA) is responsible for outgoing mail.
There are probably other minor concerns, but these would be the major ones.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.