Question : Is port 587 always encrypted?

Understanding STARTTLS Encryption

Port 587 is the default port used for submitting email messages from client to server using SMTP. Rather than beginning with an encrypted connection like port 465, port 587 uses a method called STARTTLS.

STARTTLS begins as an unencrypted connection, but it immediately attempts to upgrade to a secure TLS connection as soon as both client and server agree to it. This allows for strong encryption without needing a separate port for SSL.

Is This Secure?

Yes. STARTTLS provides strong encryption once the upgrade occurs. As long as your email service provider (like Mailpro) and your email client support STARTTLS, the connection will be encrypted before any sensitive data is sent.

Mailpro requires and enforces encryption on port 587, ensuring that all outbound emails are securely transmitted.

When Would Port 587 Not Be Encrypted?

• If your email client does not support STARTTLS
• If STARTTLS is not enabled in your configuration
• If the server you're connecting to does not support STARTTLS (very rare with modern providers)

To avoid any issues, always verify that your email client is configured to use STARTTLS on port 587 and that encryption is enabled.

Why Mailpro Recommends Port 587

• It complies with modern email standards (RFC 6409)
• It supports authentication and encryption via STARTTLS
• It is widely accepted and rarely blocked by ISPs or firewalls

Related 

• Which smtp port should I use?
• SMTP Port 465 vs. Port 587: What’s the Difference and Which One Should You Use?