From LedHed's Wiki
Jump to: navigation, search
(Testing SASL Auth)
 
(5 intermediate revisions by the same user not shown)
Line 34: Line 34:
  
 
Step 1, get the encrypted version of your username and password
 
Step 1, get the encrypted version of your username and password
 +
 +
Username
 
  echo -ne 'username' | openssl enc -base64
 
  echo -ne 'username' | openssl enc -base64
 
Output will look like this:
 
Output will look like this:
 
  dXNlcm5hbWU=
 
  dXNlcm5hbWU=
  
 +
Password
 
  echo -ne 'password' | openssl enc -base64
 
  echo -ne 'password' | openssl enc -base64
 
Output will look like this:
 
Output will look like this:
Line 46: Line 49:
 
  ehlo my.hostname
 
  ehlo my.hostname
  
Now issue the AUTH LOGIN command, in this format:  AUTH LOGIN <Encrypted username>
+
Now issue the AUTH LOGIN command, in this format:  AUTH LOGIN followed by the encrypted username
 
  AUTH LOGIN dXNlcm5hbWU=
 
  AUTH LOGIN dXNlcm5hbWU=
  
Line 57: Line 60:
 
If the username and password are correct you should get a 235 response like this:
 
If the username and password are correct you should get a 235 response like this:
 
  235 2.7.0 Authentication successful
 
  235 2.7.0 Authentication successful
 +
 +
 +
Recap
 +
echo -ne 'username' | openssl enc -base64
 +
dXNlcm5hbWU=
 +
echo -ne 'password' | openssl enc -base64
 +
cGFzc3dvcmQ=
 +
 +
telnet mx.server.tld 25
 +
 +
220 mx.server.tld ESMTP Postfix (Debian/GNU)
 +
ehlo my.hostname
 +
250-mx.server.tld
 +
250-PIPELINING
 +
250-SIZE 10240000
 +
250-VRFY
 +
250-ETRN
 +
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
 +
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
 +
250-ENHANCEDSTATUSCODES
 +
250-8BITMIME
 +
250 DSN
 +
AUTH LOGIN dXNlcm5hbWU=
 +
334 UGFzc3dvcmQ6
 +
cGFzc3dvcmQ=
 +
235 2.7.0 Authentication successful
 +
 +
  
  
 
[[Category:Postfix]]
 
[[Category:Postfix]]

Latest revision as of 00:30, 27 September 2013

When setting up a mail server sometimes its handy to be able to test from the command line.

This can be accomplished with telnet or openssl

Telnet

telnet mx.server.tld 25
ehlo my.hostname
Mail From: [email protected]
RCPT To: [email protected]
DATA
From: [email protected]
Subject: Put your subject here
Place the body of your message here then place a period on a line all by itself to finish the body of the message

.

Testing SMTP/TLS with OpenSSL Client

openssl s_client -connect mx.server.com:25 -starttls smtp
ehlo my.hostname
Mail From: [email protected]
RCPT To: [email protected]
DATA
From: [email protected]
Subject: Put your subject here
Place the body of your message here then place a period on a line all by itself to finish the body of the message

.


Testing SASL Auth

If the server you're trying to test supports SASL authentication you can test AUTH LOGIN as follows.

Step 1, get the encrypted version of your username and password

Username

echo -ne 'username' | openssl enc -base64

Output will look like this:

dXNlcm5hbWU=

Password

echo -ne 'password' | openssl enc -base64

Output will look like this:

cGFzc3dvcmQ=

Now connect with one of the methods listed above (Telnet or OpenSSL) Issue the ehlo command:

ehlo my.hostname

Now issue the AUTH LOGIN command, in this format: AUTH LOGIN followed by the encrypted username

AUTH LOGIN dXNlcm5hbWU=

If the server returns a 334 like this:

334 UGFzc3dvcmQ6

Then enter your encrypted password

cGFzc3dvcmQ=

If the username and password are correct you should get a 235 response like this:

235 2.7.0 Authentication successful


Recap

echo -ne 'username' | openssl enc -base64
dXNlcm5hbWU=
echo -ne 'password' | openssl enc -base64
cGFzc3dvcmQ=
telnet mx.server.tld 25
220 mx.server.tld ESMTP Postfix (Debian/GNU)
ehlo my.hostname
250-mx.server.tld
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
250-AUTH=DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH LOGIN dXNlcm5hbWU=
334 UGFzc3dvcmQ6
cGFzc3dvcmQ=
235 2.7.0 Authentication successful