email:test_smtp
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| email:test_smtp [2016/11/11 00:27] – peter | email:test_smtp [2019/11/27 22:15] (current) – removed peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Email - Test SMTP ====== | ||
| - | |||
| - | The commands used here are covered in section 4.1 of RFC 2821 [http:// | ||
| - | |||
| - | ===== Obtain the DNS MX record for a domain ===== | ||
| - | |||
| - | Issue the following command: | ||
| - | |||
| - | **Linux:** | ||
| - | |||
| - | <code bash> | ||
| - | nslookup -type=mx sharewiz.net | ||
| - | |||
| - | Non-authoritative answer: | ||
| - | sharewiz.net | ||
| - | |||
| - | Authoritative answers can be found from: | ||
| - | mail.sharewiz.net internet address = 5.42.134.35 | ||
| - | </ | ||
| - | |||
| - | |||
| - | **Windows: | ||
| - | |||
| - | <code bash> | ||
| - | nslookup -type=mx sharewiz.net | ||
| - | |||
| - | Non-authoritative answer: | ||
| - | sharewiz.net | ||
| - | </ | ||
| - | |||
| - | |||
| - | ===== Get the DNS PTR for the IP ===== | ||
| - | |||
| - | This requires to know what IP address. | ||
| - | |||
| - | With the IP address run the following command, where A.B.C.D is the IP address. | ||
| - | |||
| - | **Linux:** | ||
| - | |||
| - | <code bash> | ||
| - | nslookup -type=ptr A.B.C.D | ||
| - | Non-authoritative answer: | ||
| - | </ | ||
| - | |||
| - | **Windows: | ||
| - | |||
| - | <code bash> | ||
| - | nslookup -type=ptr A.B.C.D | ||
| - | Non-authoritative answer: | ||
| - | </ | ||
| - | |||
| - | |||
| - | So now that we have the MX record for example.com and the PTR for the IP we are going to use, it is time to login to the SMTP server. | ||
| - | |||
| - | |||
| - | ===== Connect to server ===== | ||
| - | |||
| - | For non-secure SMTP, you can use | ||
| - | |||
| - | <code bash> | ||
| - | telnet example.com 25 | ||
| - | </ | ||
| - | |||
| - | For secure SMTP, you can use one of following: | ||
| - | |||
| - | <code bash> | ||
| - | openssl s_client -starttls smtp -connect example.com: | ||
| - | openssl s_client -starttls smtp -connect example.com: | ||
| - | openssl s_client -starttls smtp -connect example.com: | ||
| - | </ | ||
| - | |||
| - | As soon as you connect to the server, run: | ||
| - | |||
| - | <code bash> | ||
| - | ehlo example.com | ||
| - | </ | ||
| - | |||
| - | You will get output like below as reply: | ||
| - | |||
| - | < | ||
| - | 250-test.rtcamp.com | ||
| - | 250-PIPELINING | ||
| - | 250-SIZE 10240000 | ||
| - | 250-VRFY | ||
| - | 250-ETRN | ||
| - | 250-STARTTLS | ||
| - | 250-AUTH PLAIN LOGIN | ||
| - | 250-ENHANCEDSTATUSCODES | ||
| - | 250-8BITMIME | ||
| - | 250 DSN | ||
| - | </ | ||
| - | |||
| - | If you do not see line like 250-AUTH ... line, then your server may not support authentication. | ||
| - | |||
| - | |||
| - | ===== Authentication ===== | ||
| - | |||
| - | For admin@example.com and password, generate base64 encoded string like below: | ||
| - | |||
| - | <code bash> | ||
| - | echo -ne ' | ||
| - | </ | ||
| - | |||
| - | Please note use of **\0** before username and password. | ||
| - | |||
| - | It will output a string like below: | ||
| - | |||
| - | < | ||
| - | AGFkbWluQGV4YW1wbGUuY29tAHBhc3N3b3Jk | ||
| - | </ | ||
| - | |||
| - | Use above string with AUTH command: | ||
| - | |||
| - | <code bash> | ||
| - | AUTH PLAIN AGFkbWluQGV4YW1wbGUuY29tAHBhc3N3b3Jk | ||
| - | </ | ||
| - | |||
| - | |||
| - | ===== SMTP Commands to send test email ===== | ||
| - | |||
| - | Type/paste following commands 1-by-1. | ||
| - | |||
| - | <code bash> | ||
| - | ehlo example.com | ||
| - | mail from: admin@example.com | ||
| - | rcpt to: admin@other.com | ||
| - | data | ||
| - | quit | ||
| - | </ | ||
| - | |||
| - | For more SMTP Tests, check http:// | ||
| - | |||
| - | ===== Open-Relay Test ===== | ||
| - | |||
| - | Worst thing that could happen to your SMTP server is – it becomes open-relay (accidentally). | ||
| - | |||
| - | There are many tools available online which can check if your smtp server is acting as open relay. | ||
| - | |||
| - | ===== swaks utility ===== | ||
| - | |||
| - | This is a small package which can make it easy to test your smtp server. | ||
| - | |||
| - | <code bash> | ||
| - | apt-get install swaks | ||
| - | </ | ||
| - | |||
| - | Example usage: | ||
| - | |||
| - | <code bash> | ||
| - | swaks --server example.com --to admin@example.com | ||
| - | </ | ||
| - | |||
| - | <WRAP info> | ||
| - | Please note that SpamAssassin marks, swaks generated email as spam. | ||
| - | </ | ||
| - | |||
| - | |||
| - | |||
| - | ===== Example ===== | ||
| - | |||
| - | openssl s_client -starttls smtp -connect mail.sharewiz.net: | ||
| - | CONNECTED(00000003) | ||
| - | depth=0 C = UK, ST = Jersey, L = St. Helier, O = ShareWiz, OU = Tech, CN = mail.sharewiz.net, | ||
| - | verify error: | ||
| - | verify return:1 | ||
| - | depth=0 C = UK, ST = Jersey, L = St. Helier, O = ShareWiz, OU = Tech, CN = mail.sharewiz.net, | ||
| - | verify return:1 | ||
| - | --- | ||
| - | Certificate chain | ||
| - | 0 s:/ | ||
| - | | ||
| - | --- | ||
| - | Server certificate | ||
| - | -----BEGIN CERTIFICATE----- | ||
| - | MIIF/ | ||
| - | VQQGEwJVSzEPMA0GA1UECAwGSmVyc2V5MRMwEQYDVQQHDApTdC4gSGVsaWVyMREw | ||
| - | DwYDVQQKDAhTaGFyZVdpejENMAsGA1UECwwEVGVjaDEaMBgGA1UEAwwRbWFpbC5z | ||
| - | aGFyZXdpei5uZXQxITAfBgkqhkiG9w0BCQEWEmFkbWluQHNoYXJld2l6Lm5ldDAe | ||
| - | Fw0xNjExMDYxOTMwNTZaFw00MTA2MjgxOTMwNTZaMIGUMQswCQYDVQQGEwJVSzEP | ||
| - | MA0GA1UECAwGSmVyc2V5MRMwEQYDVQQHDApTdC4gSGVsaWVyMREwDwYDVQQKDAhT | ||
| - | aGFyZVdpejENMAsGA1UECwwEVGVjaDEaMBgGA1UEAwwRbWFpbC5zaGFyZXdpei5u | ||
| - | ZXQxITAfBgkqhkiG9w0BCQEWEmFkbWluQHNoYXJld2l6Lm5ldDCCAiIwDQYJKoZI | ||
| - | hvcNAQEBBQADggIPADCCAgoCggIBAKY1Smx6HoH7QvC4pLvmS8jcVqLfR81IJc0+ | ||
| - | D/ | ||
| - | t4S+dUPbSwwOXcnttlE974eJBqgtRsQs96BXqdF4Lny+6LDLolV3uwyrnASgV3xX | ||
| - | CHAc5hbnJaj8ArxPhXa7ZKKDP04SJ+5U9J47eW/ | ||
| - | aBiHocgk9hPUhLV1i+85IKck7xf9v/ | ||
| - | 5NfC8+l6NX5PIaJqYhXjGFLiD72178mlLMUSQFTgZF// | ||
| - | TUFUmSf1efvJvBQhK3vWCCpVhnvBBgABxQOV/ | ||
| - | C1zfCZrIIU+O9NhpgSWoxpO9OLjFTo+xf5t8D3PP7soH1T+W0m0ygkvNBNTVAGYS | ||
| - | rzUAmnvQho7Rk/ | ||
| - | W+Im224O+qClT55IDOdeEG5PouNOLJEBNDUbco7eo8qJL1L6dlgOGI5a3vn9Ha+r | ||
| - | uSD3KjElvgnzZGcyGOwEybU+PEvZ4Fw6v3RhIBoogKkSaiU2TGAg8nC/ | ||
| - | O4DnuJP9AgMBAAGjUDBOMB0GA1UdDgQWBBTXgStBGVqML4FnPwZSkP7brXT8wzAf | ||
| - | BgNVHSMEGDAWgBTXgStBGVqML4FnPwZSkP7brXT8wzAMBgNVHRMEBTADAQH/ | ||
| - | CSqGSIb3DQEBCwUAA4ICAQBVaSDMRoB0tjHVJPSpBQmvVw4KyhN1eHf7Pe/ | ||
| - | MzXxzt7USxSXXcUYb6mzn1KuQozXr0cTF2Mqg9oUxJWp/ | ||
| - | wkySwS3eZ73HnpeofNY9V7t8rdHE8uMD/ | ||
| - | IlPc6KaRTtV3PQM+Za0zfJ4ukxR2YwPU68Df8T50whp1eJnj7Tg1Z7ZUkL5iRkLO | ||
| - | ALdtlGI1qhVBZzstjL11rOUQH5zFHtu+hcAHM5UWqy04M4fFW6A3Fk/ | ||
| - | bxbMvMTn85juoOkPYexhkQmLULqRmYgTR9YjqsPdmYi9OWBjciuoB9xePsR4U82k | ||
| - | o0WlztvY2XLCZh0DERaT6cLp0N+KIKOrjhO5eqSPOyQnGaTDZOokBGKUVUbRiF+1 | ||
| - | L4xdF4rNyOo9anLrLjA+VBsTH8Ff3M50+VkQi/ | ||
| - | Jj112fy6V7xN5zszxTi2ZLQ8lIFYsb36GSOrJLiTm4QS4NffvN53XTfoJTKu4Qlj | ||
| - | oQY3tI4QETunbFZxQF39wrgzvfwoFjw66ZczWuu2sQ8V1uhe5pe++YY/ | ||
| - | xuBv8Fx1CPR9oFBJnpZ61YGP08aRRsucsjwpC5RneTkxXSUSFC0ZS+SBVU4ar1tP | ||
| - | lg== | ||
| - | -----END CERTIFICATE----- | ||
| - | subject=/ | ||
| - | issuer=/ | ||
| - | --- | ||
| - | No client certificate CA names sent | ||
| - | Peer signing digest: SHA512 | ||
| - | Server Temp Key: ECDH, P-256, 256 bits | ||
| - | --- | ||
| - | SSL handshake has read 2483 bytes and written 466 bytes | ||
| - | --- | ||
| - | New, TLSv1/ | ||
| - | Server public key is 4096 bit | ||
| - | Secure Renegotiation IS supported | ||
| - | Compression: | ||
| - | Expansion: NONE | ||
| - | No ALPN negotiated | ||
| - | SSL-Session: | ||
| - | Protocol | ||
| - | Cipher | ||
| - | Session-ID: B687474275FE380364B1CB8510743A4EB39898D34E85AC4137B5C29FB190E2F7 | ||
| - | Session-ID-ctx: | ||
| - | Master-Key: E999FFA4C1791FBAA6442D546EF59BE650FED80C96D3EDF4A078473CD5BB86D934079514BFC840DDACA900D46721241A | ||
| - | Key-Arg | ||
| - | PSK identity: None | ||
| - | PSK identity hint: None | ||
| - | SRP username: None | ||
| - | Start Time: 1478819857 | ||
| - | Timeout | ||
| - | Verify return code: 18 (self signed certificate) | ||
| - | --- | ||
| - | 250 HELP | ||
| - | ehlo sharewiz.net | ||
| - | 250-server1.sharewiz.net Hello gateway.sharewiz.net [192.168.1.1] | ||
| - | 250-SIZE 52428800 | ||
| - | 250-8BITMIME | ||
| - | 250-PIPELINING | ||
| - | 250-AUTH PLAIN LOGIN PLAIN2 LOGIN2 | ||
| - | 250 HELP | ||
| - | AUTH PLAIN Base64EncodedUsernameAndPassword== | ||
| - | 235 Authentication succeeded | ||
| - | ehlo sharewiz.net | ||
| - | 250-server1.sharewiz.net Hello gateway.sharewiz.net [192.168.1.1] | ||
| - | 250-SIZE 52428800 | ||
| - | 250-8BITMIME | ||
| - | 250-PIPELINING | ||
| - | 250 HELP | ||
| - | mail from: | ||
| - | 250 OK | ||
| - | rcpt to: | ||
| - | 250 Accepted | ||
| - | data | ||
| - | 354 Enter message, ending with " | ||
| - | This is a test | ||
| - | . | ||
| - | 250 OK id=1c4yeV-000NPI-HC | ||
| - | quit | ||
| - | 221 server1.sharewiz.net closing connection | ||
| - | closed | ||
| - | </ | ||
email/test_smtp.1478824061.txt.gz · Last modified: 2020/07/15 09:30 (external edit)