What Port 24 Does
Port 24 is registered with IANA as priv-mail, designated for "any private mail system" on both TCP and UDP.1 In practice, almost nothing uses it. No widely adopted protocol runs here. No RFC defines its behavior. It is a well-known port in the range 0-1023, which means it was assigned by IANA with the expectation that a real service would occupy it. That expectation was never met.
Port 24 sits one number below port 25, which carries SMTP, the protocol that handles nearly all email transmission on the Internet. This proximity is not a coincidence.
The Man Who Reserved It
The IANA registry lists the contact for port 24 as Rick Adams.1 That name carries weight.
Rick Adams ran the first international UUCP email link in 1982, a system called "Seismo" at the Center for Seismic Studies in Northern Virginia.2 That link evolved into UUNET, which Adams founded as a nonprofit to reduce the cost of email and Usenet traffic for rural American sites. UUNET became the gateway between UUCP mail and Internet email, and eventually grew into the largest Internet service provider in the world before being acquired by MFS and then WorldCom.2
Adams also co-authored RFC 1036 (the Standard for Interchange of USENET Messages), implemented SLIP (Serial Line Internet Protocol, documented in RFC 1055), and co-wrote the O'Reilly book !%@:: A Directory of Electronic Mail Addressing & Networks.2
This was a person who understood email infrastructure at the deepest level. When he reserved port 24 for "any private mail system," he was holding a door open. He knew that SMTP on port 25 would not be the only way organizations might want to move mail. Private, internal, proprietary mail systems existed in the early Internet, and they needed a place to live that was distinct from the public mail infrastructure.
The alternatives never standardized. SMTP won. Port 24 remained reserved but empty.
Why It Matters That It Is Empty
Well-known ports (0-1023) are a finite resource. There are only 1,024 of them, and they carry special significance: on Unix-like systems, binding to a well-known port requires root privileges, a security measure that ensures only trusted services can claim these addresses.3
Port 24 represents something specific about how the early Internet was built. The people assigning ports were not just solving today's problems. They were reserving capacity for futures that might or might not arrive. Some of those futures came (HTTP on port 80, HTTPS on port 443). Some did not. Port 24 is one that did not.
This is not waste. This is planning. An unassigned well-known port is like an empty lot in a city grid: its emptiness proves the grid was designed with room to grow.
Security
Port 24 has been associated with Back Orifice 2000 (BO2K), a remote administration trojan released by the hacking group Cult of the Dead Cow in 1999.4 BO2K used port 24 as one of its control channels, a common trojan tactic of hiding behind legitimate or obscure port assignments.
Because port 24 has no widely deployed legitimate service, any traffic on it should be treated with suspicion. If you see connections on port 24, investigate.
How to Check What Is Listening on Port 24
Linux:
macOS:
Windows:
If anything is listening on port 24 and you did not put it there, find out what it is immediately.
Related Ports
| Port | Service | Relationship |
|---|---|---|
| 25 | SMTP | The public mail protocol that won |
| 109 | POP2 | Early mailbox retrieval |
| 110 | POP3 | Standard mailbox retrieval |
| 143 | IMAP | Modern mailbox access |
| 465 | SMTPS | SMTP over TLS |
| 587 | Submission | Modern email submission |
Frequently Asked Questions
Was this page helpful?