SMTP: Debugging SMTP with TLS/SSL and Auth

SMTP use TLS/SSL to secure connection to server and AUTH so only authenticated user can use the SMTP service. This tutorial will show steps to debug SMTP TLS/SSL and AUTH from Linux/Unix terminal.

  1. encode your login information in base64, the following perl command which requires MIME::Base64 will do encoding
perl -MMIME::Base64 -e 'print encode_base64("\000your_username\000your_password")'
# example output
# AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA==
  1. connect to smtp server
# normal non-secured SMTP
$ telnet smtp.yourdomain.com 25

# TLS connection, check STARTTLS support with EHLO command
$ telnet smtp.yourdomain.com 25

220 SMTP banner
EHLO smtp.yourdomain.com
250 SMTP banner
250-smtp.yourdomain.com
250-PIPELINING
250-SIZE 36360000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit

$ openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25

# SSL connection
$ openssl s_client -crlf -connect smtp.yourdomain.com:465
  1. check AUTH support with EHLO command
# Connect to secure SMTP using TLS or SSL
$ openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25
# Or
$ openssl s_client -crlf -connect smtp.yourdomain.com:465

EHLO smtp.yourdomain.com
250-smtp.yourdomain.com
250-PIPELINING
250-SIZE 36360000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
  1. use AUTH command to authenticate
# connect to secure SMTP using TLS or SSL
$ openssl s_client -starttls smtp -crlf -connect smtp.yourdomain.com:25
# OR
$ openssl s_client -crlf -connect smtp.yourdomain.com:465

HELO smtp.yourdomain.com
250 smtp.yourdomain.com
AUTH PLAIN AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA==
235 2.7.0 Authentication successful
if failed
535 5.7.8 Error: authentication failed: authentication failure
  1. test sending message
$ openssl s_client -crlf -connect smtp.yourdomain.com:465

HELO smtp.yourdomain.com
250 smtp.yourdomain.com
AUTH PLAIN AHlvdXJfdXNlcm5hbWUAeW91cl9wYXNzd29yZA==
235 2.7.0 Authentication successful
MAIL FROM: <your_username@yourdomain.com>
250 2.1.0 OK
RCPT TO: <your_destination@domain.com>
250 2.1.5 OK
DATA
354 End data with <CR><LF>.<CR><LF>
From: Your Name <your_username@yourdomain.com>
To: Your Destination Name <your_destination@domain.com>
Subject: Your Email Subject
Your Email Content
.
250 2.0.0 Ok: queued as 6A4C1D5153E
quit
Connection closed by foreign host.
Reference: <https://qmail.jms1.net/test-auth.shtml>