What's "Port 25," and what does it have to do with e-mail spam?

Answers to your questions about the news.
July 1 2008 6:03 PM

The Spam Superhighway

What's "Port 25," and what does it have to do with Internet junk mail?

Illustration by Robert Neubecker. Click image to expand.

A set of guidelines, published last week, for how to crack down on spam e-mail recommends that Internet service providers block outgoing traffic from customers on "Port 25," a major conduit for unwanted e-mail. (Read the guidelines here.) What is Port 25, anyway?

The virtual pathway that most e-mail traffic follows when it travels from your computer to a server. Because there are so many different kinds of information being transferred on the Internet—Web pages, e-mail, and database requests, to name a few—data are divided into separate streams, called ports. A given packet of information will have a number attached to it that tells the receiving computer what kind of information it's receiving. This allows the receiver to deal with it accordingly. For example, normal Web traffic will arrive at your desktop tagged for Port 80, while secure Web data often uses Port 443. (These "ports" are purely virtual, not to be confused with the physical ports on the side or back of your computer that connect it to other devices.) Most e-mail is sent on Port 25.


When you send an e-mail to a friend, your computer will typically use Port 25 to route the outgoing message to a local server has been especially designated for handling e-mail by the network operator. That pre-approved e-mail server then finds the server that handles your friend's incoming e-mail and sends along your message.

Port 25 can get clogged with thousands of spam e-mails when computers on a network become infected with a virus or other malicious software. Security experts believe armies of these infected computers are responsible for sending the vast majority of spam. (See the Explainer's take on these "botnets.") Instead of using Port 25 to route their messages internally to an approved mail server the way they're supposed to, these "zombie" computers use it to send spam directly to the recipients' servers. This enables them to send large quantities of e-mail without being easily detected by the network operator.

The anti-spam guidelines propose shutting down Port 25 for only this particular type of traffic—which goes straight from an individual computer to the destination server and skips over the middleman of the local mail server. In other words, only those local mail servers would be allowed to use Port 25 to send e-mail to external locations.

In fact, most major Internet service providers in North America are already doing this, and they generally report a decrease in spam originating from their users. Blocking traffic out of Port 25 from computers not recognized as designated mail servers does, however, have the potential to block legitimate traffic as well. Small businesses that don't have the resources to maintain a designated mail server may send out e-mail in the same way an infected computer does. There are also some tech-savvy users who don't want to route their messages through their service provider's mail server, sometimes out of security concerns. Nonetheless, the recent guidelines outline some alternatives (PDF) for ISPs that don't want to cut off such customers.

Most anti-spam researchers acknowledge that blocking Port 25 wouldn't snuff out spam altogether and may provide only a temporary fix. In the last year, spammers have succeeded in breaking CAPTCHA systems—those tests with distorted numbers and letters meant to determine whether you're human—and registered for thousands of Web mail accounts. That lets them send out their spam without using infected machines.

Got a question about today's news? Ask the Explainer.

Explainer thanks Matt Bishop of the University of California, Davis; John Levine of the Messaging Anti-Abuse Working Group; and Joe Stewart of SecureWorks.



Blacks Don’t Have a Corporal Punishment Problem

Americans do. But when blacks exhibit the same behaviors as others, it becomes part of a greater black pathology. 

I Bought the Huge iPhone. I’m Already Thinking of Returning It.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Students Aren’t Going to College Football Games as Much Anymore

And schools are getting worried.

Two Damn Good, Very Different Movies About Soldiers Returning From War

The XX Factor

Lifetime Didn’t Think the Steubenville Rape Case Was Dramatic Enough

So they added a little self-immolation.

Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.

Why a Sketch of Chelsea Manning Is Stirring Up Controversy

How Worried Should Poland, the Baltic States, and Georgia Be About a Russian Invasion?

  News & Politics
Sept. 20 2014 11:13 AM -30-
Business Insider
Sept. 20 2014 6:30 AM The Man Making Bill Gates Richer
Sept. 20 2014 7:27 AM How Do Plants Grow Aboard the International Space Station?
  Double X
The XX Factor
Sept. 19 2014 4:58 PM Steubenville Gets the Lifetime Treatment (And a Cheerleader Erupts Into Flames)
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
Brow Beat
Sept. 20 2014 3:21 PM “The More You Know (About Black People)” Uses Very Funny PSAs to Condemn Black Stereotypes
Future Tense
Sept. 19 2014 6:31 PM The One Big Problem With the Enormous New iPhone
  Health & Science
Bad Astronomy
Sept. 20 2014 7:00 AM The Shaggy Sun
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.