Validating a non-SSL POP server connection
- telnet host port
- user user
- pass pass
LOGIN TEST:
andy@sup-jira2:/usr/local/apps/home/log$ telnet x.y.com 110 Trying 1.2.3.4... Connected to x.y.com. Escape character is '^]'. +OK Dovecot (Ubuntu) ready. user MAILUSER +OK pass MAILPASS +OK Logged in.
LIST MESSAGES (after login):
Use LIST to list the messages, and then RETR (RETR 1) to view the given message
LIST +OK 2 messages: 1 437 2 2408 . RETR 1 +OK 437 octets Return-Path: <root@localhost> X-Original-To: andy@localhost Delivered-To: andy@localhost Received: by isoserver (Postfix, from userid 0) id C09044061F; Tue, 2 Dec 2014 13:15:11 +0000 (GMT) Subject: Test To: <andy@localhost> X-Mailer: mail (GNU Mailutils 2.99.98) Message-Id: <20141202131511.C09044061F@localhost> Date: Tue, 2 Dec 2014 13:15:11 +0000 (GMT) From: root@localhost (root) Hi there quick test
DELETE A mail
DELE 1 +OK Marked to be deleted.
QUITTING:
As we're using telnet, you can use CTRL + ] to close the connection, the mail server may also support quit
^] telnet> quit Connection closed.
Validating Plain SMTP
- http://www.yuki-onna.co.uk/email/smtp.html
Validating SMTP with TLS
Its also possible to do telnet style interaction with a TLS secured server (this example shows that there is a server side block on the account I am logging in as)
openssl s_client -starttls smtp -connect smtp.gmail.com:587 -crlf
CONNECTED(00000003)
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
i:/C=US/O=Google Inc/CN=Google Internet Authority G2
1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIEdjCCA16gAwIBAgIIGcMF7jeVMoAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNzE1MDg0MDM4WhcNMTUwNDA0MTUxNTU1
WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOc210
cC5nbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu4vOr
LgyNsHicxBORgO2OOfXKxEKb830NzNu6elubbf1T45GilB3fHgDQJELRydTRZilo
Efv75Ag7uRQM/M1tk+1h18wDpJZem+zFmJcs30ccBN21CnCvqsIEYJMyY3kcV4vD
x44bx6VvEAmJ9/kiFJ7xRUlCchu5YVOFoVkMaEax3UWb5Fti9pe8VgYdasuk53ae
8ZuIr4pFew9fraxOe/6LXEaPMSw622KSWpyK/GUbaAp07hV11c+LVgjlUDTgA+2k
nDigWrdb+yLL9Hv3WNLWjEAHFWhEce5QwV3SN8JLga3Rbw2N3lq9afkQtOnkJgdM
UG4xkUHGqscggMDJAgMBAAGjggFBMIIBPTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwGQYDVR0RBBIwEIIOc210cC5nbWFpbC5jb20waAYIKwYBBQUHAQEE
XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
A1UdDgQWBBSanZBvY+Rnj0HquJmae9AJvwiCzTAMBgNVHRMBAf8EAjAAMB8GA1Ud
IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMBcGA1UdIAQQMA4wDAYKKwYBBAHW
eQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lB
RzIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCVoGAOKZoil4sNAYvlb9uxNmWqQqyh
ql0D1bewbLxs3DSVWSe2DhPjjhdMHMTcMpB+jQzAbGxVYiuNLdqLl1Xcde7EUmo1
KJUGzTO046k+11LYVOxEXLBe5s3FF+niFJby7XFgmI3yMt4blHN5tHm/7JijL1Ip
vkcsynOnOwAEHehI1U12N0JEpkcoetM6MA8cGtn74EPTas4Npa+mTNo3seH8iY43
4L4hnsubXMhcQQ9IQMPtKuZYNUXklN/NS0f69Be+3HQRTOljtCxdpm/v/emHPjwg
/Cwu+58fZK+flQ1PQcY24Cgt7EF0R+uqo5Il3CGuCgrd4JxJNMuGcsGS
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
---
No client certificate CA names sent
---
SSL handshake has read 3990 bytes and written 466 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: EC0E1D8CA1227AE9386A2104174ADA6C7CE7AB1D62A068DC50B5FE1F5B92CBEE
Session-ID-ctx:
Master-Key: 4A72DA545F7AF1FB22F571F299FDDA8034691266ED34E94B7FF6DD71239B20F3CC84105C27399A2B1A61FFD5680ED231
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 100800 (seconds)
TLS session ticket:
0000 - d7 15 b6 8e 84 c9 af 13-f0 5d 95 16 f3 99 1e b5 .........]......
0010 - 0d ef 79 0a ae 64 51 27-33 1e e2 d2 5b 5d 59 71 ..y..dQ'3...[]Yq
0020 - ba cb 6d 91 1e 91 fd e2-12 2e ab 54 51 87 28 7b ..m........TQ.({
0030 - 92 19 de ac 62 d3 99 8a-86 2b b6 a5 85 89 b2 ce ....b....+......
0040 - 10 48 9b 5d 28 d8 f1 61-4e a9 b3 0c 0d ce 03 03 .H.](..aN.......
0050 - 21 d0 fa 09 af e4 7b a7-e5 6b c2 16 c3 3a 03 ec !.....{..k...:..
0060 - ef 8d 8e cf de 41 ba 8c-f9 57 00 a4 24 d0 34 50 .....A...W..$.4P
0070 - 00 c2 39 43 ec 3a f4 87-d3 d3 32 3c e6 8e 4e a9 ..9C.:....2<..N.
0080 - ef 7e 8a 6e a1 22 1d 8a-06 97 4f 1d cc 26 9b 85 .~.n."....O..&..
0090 - bc 3f 2a a2 cf 36 ed 6d-10 b6 39 41 98 79 34 d8 .?*..6.m..9A.y4.
00a0 - cc 73 31 0e .s1.
Start Time: 1419973684
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
250 SMTPUTF8
HELO <andy@sol.thepluginpeople.com>
250 mx.google.com at your service
mail from: meh@gmail.com
530-5.5.1 Authentication Required. Learn more at
530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 ej10sm48089217wib.1 - gsmtp
Authenticating for SMTP
Once a session has been setup as above, authentication can occur with: auth login. What happens next is a 334 code response is sent by the server, what's wanted now is a base64 encoded value of the username (AAAAAAAAAAAAAA==), JEMHC has a Base64 Encoder in the Tools section. After hitting enter, a further 334 code response is sent, next it wants the password, also base64 encoded. If that worked, you're now authenticated. If not, check Common Problems.
auth login 334 VXNlcm5hbWU6 AAAAAAAAAAAAAAAAAA== 334 UGFzc3dvcmQ6 BBBBBBBBBBBBBBBBBB==
Related articles