Short answer. A mail server must be monitored continuously on three axes: MX availability, SMTP port response (25 for receiving, 465/587 for sending), and absence from blacklists. A silent failure of any one means lost mail with no obvious error on your side. Continuous checks with alerts to Telegram/Slack/email/webhook catch the issue in minutes, not when customers complain.
What exactly to monitor
- MX record — does the domain resolve to a working mail host;
- Port 25 — inbound mail between servers;
- Port 587 (Submission) — client sending with STARTTLS;
- Port 465 (SMTPS) — sending over implicit TLS;
- TLS certificate — validity and expiry;
- Blacklist — is the IP/domain on any blocklist.
A mail server fails quietly: inbound just stops arriving, outbound hangs. Without active monitoring you find out last — from an angry customer.
Checking SMTP manually
STARTTLS connection on the standard port via openssl:
openssl s_client -connect mail.example.com:25 -starttls smtpImplicit TLS on port 465:
openssl s_client -connect mail.example.com:465A quick check that the port is even open:
nc -zv mail.example.com 587
# 587 — submission, 465 — smtps, 25 — server-to-serverPort table
| Port | Purpose | Encryption |
|---|---|---|
| 25 | Server-to-server (receive) | STARTTLS (opt.) |
| 465 | Sending (SMTPS) | Implicit TLS |
| 587 | Sending (Submission) | STARTTLS |
Health checks and automation
Manual checks are for one-off diagnosis. For continuous control you create a monitor that checks the host on a schedule and alerts on failure. In enterno a mail-port monitor is created via the API документацию:
POST /api/v4/monitors
X-API-Key: ent_xxxxxxxxxxxxxxxx
Content-Type: application/json
{
"url": "mail.example.com:587",
"check_type": "ping",
"interval_minutes": 1,
"notify_telegram": true,
"check_regions": "ru-msk,eu-de,us-east"
}Blacklists
A blocklisted IP tanks delivery with no visible server error. Regular checks against the major lists plus a fast alert let you request delisting before serious losses.
Multi-region
- checking from RU, EU and US separates a local network glitch from real downtime;
- if the port is open from EU but closed from RU, that is routing, not a server crash.
Where enterno helps
/monitors puts the mail server under continuous control: host and port availability for 25/465/587, TLS certificate validity, blacklist checks and multi-region RU/EU/US. Alerts go to Telegram, Slack, email or webhook. Free includes 10 monitors. For one-off diagnosis use /email-check (SPF/DKIM/DMARC + MX-lookup + SMTP test) and /dns for MX records. enterno does not send mail — it only watches the infrastructure.
FAQ
What check interval should I pick?
For critical mail, 1 minute. The shorter the interval, the faster the alert.
Why multi-region?
To tell a local network failure apart from real server downtime.
How do I know I am blocklisted?
The monitor checks the major lists and alerts; an indirect sign is rising bounces with 550 5.7.1.
My provider blocks port 25 — what now?
Use 587 (Submission) for sending; port 25 is for servers receiving inbound mail.
Next: check SPF/DKIM/DMARC and MX, read about multi-region monitoring, and review bounce causes.