# SMTP Simple Mail Transfer Protocol (SMTP) is the internet standard for email transmission. It operates as a set of rules that govern how email messages are formatted, encrypted, and relayed between servers. ## SMTP in Zerops Zerops implements a security-first approach to email sending operations, allowing only port 587 for SMTP communication. This decision aligns with modern security practices and helps maintain the platform's integrity. ### Port Configuration

Port	Status	Description
587	✅ Allowed	Modern SMTP submission with STARTTLS
25	❌ Blocked	Traditional SMTP (security risk)
465	❌ Blocked	Legacy SMTPS (deprecated)

### Why Port 587 Port 587 is the modern standard for sending emails through SMTP, designed specifically for authenticated client submissions. This port enforces several security measures: - Mandatory TLS encryption for data protection - Required authentication for all clients - Secure transmission through verified providers #### How It Works Port 587 implements STARTTLS to establish secure connections. The process follows these steps: 1. Client connects to the SMTP server 2. Server responds with available capabilities 3. Client requests STARTTLS upgrade 4. Connection switches to encrypted TLS 5. Client provides authentication credentials 6. Email transmission begins over secure channel This implementation balances modern security requirements with broad compatibility, making it the recommended choice for email transmission. ### Port Restrictions and Platform Security Zerops enforces a strict policy of **blocking ports 25 and 465** for email operations. :::caution This is a permanent security measure with no exceptions, designed to protect both the platform and its users. ::: Port 25, in particular, is frequently exploited for spam distribution across cloud platforms. Instead of providing basic SMTP functionality, we encourage the use of specialized email services that offer: - Advanced deliverability management - Comprehensive monitoring and analytics - Built-in spam protection - Professional IP reputation management - Automated bounce handling This strict policy protects platform integrity. Poor IP reputation from email abuse can cascade across an entire infrastructure. The impact extends beyond email services to affect: - Legitimate web applications - Platform response times - Overall service reliability - Other customers' applications This is why Zerops maintains this strict policy - to ensure consistent, reliable service for all platform users. ## Sending Emails from Zerops ### Recommended Approaches You have two main options for sending emails from your Zerops applications: 1. **Email Provider SMTP Client** - You act as a client using their SMTP servers - Subject to provider's sending limits and policies 2. **Specialized Email Services** - Purpose-built for application email delivery - Your own dedicated sending infrastructure - Higher limits with scalable pricing - Advanced delivery monitoring and analytics ### Configuration Examples These examples serve as a starting point. Check your email provider's official documentation for current configuration requirements. :::note Port 587 is mandatory for all SMTP configurations in Zerops. Other ports (25, 465) are blocked for security reasons. ::: #### Enterprise Email Providers

Service	Host	Port	Secure	Username	Password
[Gmail](https://support.google.com/a/answer/176600?hl=en)	smtp.gmail.com	587	false	your.name@gmail.com	App Password required
[Google Workspace](https://support.google.com/a/answer/176600?hl=en)	smtp-relay.gmail.com	587	false	your.name@your-domain.com	Regular password (App Password if using 2FA)
[Office 365](https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365)	smtp.office365.com	587	false	your.name@your-domain.com	Account password

:::note Google - Gmail/Office 365: Better for testing or low-volume sending - Google Workspace: Suitable for business needs with higher limits ::: #### Email Service Providers

Provider	Host	Port	Username	Password	Features
[SendGrid](https://www.twilio.com/docs/sendgrid/for-developers/sending-email/getting-started-smtp)	smtp.sendgrid.net	587	apikey	SendGrid API key	• Free tier available • Real-time analytics • Webhooks • Spam detection
[Mailgun](https://documentation.mailgun.com/docs/mailgun/user-manual/sending-messages/#send-via-smtp)	smtp.mailgun.org	587	postmaster@your-domain.com	Mailgun password	• Free tier available • Email validation • Routing rules • Delivery analytics
[Amazon SES](https://docs.aws.amazon.com/ses/latest/dg/send-email-smtp.html)	email-smtp.us-east-1.amazonaws.com	587	SES access key ID	SES secret access key	• Pay as you go pricing • AWS integration • High deliverability • Auto-scaling

## Best Practices When implementing email functionality in your applications: - Store SMTP credentials in environment variables - Implement proper error handling and retry logic - Use queue systems for bulk sending to prevent rate limits - Monitor delivery status and bounce rates - Keep SMTP libraries and configurations up to date