From LedHed's Wiki
Jump to: navigation, search
(Created page with "When setting up a mail server sometimes its handy to be able to test from the command line. This can be accomplished with telnet or openssl == Telnet == telnet mx.server.tl...")
 
(Testing SASL Auth)
 
(6 intermediate revisions by the same user not shown)
Line 28: Line 28:
 
   
 
   
 
  .
 
  .
 +
 +
 +
== Testing SASL Auth ==
 +
If the server you're trying to test supports SASL authentication you can test AUTH LOGIN as follows.
 +
 +
Step 1, get the encrypted version of your username and password
 +
 +
Username
 +
echo -ne 'username' | openssl enc -base64
 +
Output will look like this:
 +
dXNlcm5hbWU=
 +
 +
Password
 +
echo -ne 'password' | openssl enc -base64
 +
Output will look like this:
 +
cGFzc3dvcmQ=
 +
 +
Now connect with one of the methods listed above (Telnet or OpenSSL)
 +
Issue the ehlo command:
 +
ehlo my.hostname
 +
 +
Now issue the AUTH LOGIN command, in this format:  AUTH LOGIN followed by the encrypted username
 +
AUTH LOGIN dXNlcm5hbWU=
 +
 +
If the server returns a 334 like this:
 +
334 UGFzc3dvcmQ6
 +
 +
Then enter your encrypted password
 +
cGFzc3dvcmQ=
 +
 +
If the username and password are correct you should get a 235 response like this:
 +
235 2.7.0 Authentication successful
 +
 +
 +
Recap
 +
echo -ne 'username' | openssl enc -base64
 +
dXNlcm5hbWU=
 +
echo -ne 'password' | openssl enc -base64
 +
cGFzc3dvcmQ=
 +
 +
telnet mx.server.tld 25
 +
 +
220 mx.server.tld ESMTP Postfix (Debian/GNU)
 +
ehlo my.hostname
 +
250-mx.server.tld
 +
250-PIPELINING
 +
250-SIZE 10240000
 +
250-VRFY
 +
250-ETRN
 +
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
 +
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
 +
250-ENHANCEDSTATUSCODES
 +
250-8BITMIME
 +
250 DSN
 +
AUTH LOGIN dXNlcm5hbWU=
 +
334 UGFzc3dvcmQ6
 +
cGFzc3dvcmQ=
 +
235 2.7.0 Authentication successful
 +
 +
 +
  
 
[[Category:Postfix]]
 
[[Category:Postfix]]

Latest revision as of 00:30, 27 September 2013

When setting up a mail server sometimes its handy to be able to test from the command line.

This can be accomplished with telnet or openssl

Telnet

telnet mx.server.tld 25
ehlo my.hostname
Mail From: [email protected]
RCPT To: [email protected]
DATA
From: [email protected]
Subject: Put your subject here
Place the body of your message here then place a period on a line all by itself to finish the body of the message

.

Testing SMTP/TLS with OpenSSL Client

openssl s_client -connect mx.server.com:25 -starttls smtp
ehlo my.hostname
Mail From: [email protected]
RCPT To: [email protected]
DATA
From: [email protected]
Subject: Put your subject here
Place the body of your message here then place a period on a line all by itself to finish the body of the message

.


Testing SASL Auth

If the server you're trying to test supports SASL authentication you can test AUTH LOGIN as follows.

Step 1, get the encrypted version of your username and password

Username

echo -ne 'username' | openssl enc -base64

Output will look like this:

dXNlcm5hbWU=

Password

echo -ne 'password' | openssl enc -base64

Output will look like this:

cGFzc3dvcmQ=

Now connect with one of the methods listed above (Telnet or OpenSSL) Issue the ehlo command:

ehlo my.hostname

Now issue the AUTH LOGIN command, in this format: AUTH LOGIN followed by the encrypted username

AUTH LOGIN dXNlcm5hbWU=

If the server returns a 334 like this:

334 UGFzc3dvcmQ6

Then enter your encrypted password

cGFzc3dvcmQ=

If the username and password are correct you should get a 235 response like this:

235 2.7.0 Authentication successful


Recap

echo -ne 'username' | openssl enc -base64
dXNlcm5hbWU=
echo -ne 'password' | openssl enc -base64
cGFzc3dvcmQ=
telnet mx.server.tld 25
220 mx.server.tld ESMTP Postfix (Debian/GNU)
ehlo my.hostname
250-mx.server.tld
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN dXNlcm5hbWU=
334 UGFzc3dvcmQ6
cGFzc3dvcmQ=
235 2.7.0 Authentication successful