How to manually test SMTP Authentication

Written by Shai Ben-Naphtali Saturday, 19 December 2009

Related documents:

  1. Base64 encoder
  2. How to Use Telnet to Test SMTP Communication
  3. GRC’s Ultra High Security Password Generator
  4. The PC Tools Password Generator

Sometimes, you find yourself not knowing if you have the right credentials to do SMTP Authentication. This might be because your mail client that you are so used to, is just a GUI (Graphic User Interface) for doing things the easy way. In this blog, I’ll show you (a bit of) what your mail client does in order to authenticate and send an email via an SMTP server/service.

This guide, with just using telnet, will allow you to test if you can even do SMTP on port 25 from within your LAN/Organization or behind your Anti-Virus/Firewall.

First, you need to get your username/email address and your password, encoded into a base64 data encoding scheme [2] or use perl (as I’ll show below).

First Option:

  • Use the web based encoder [2] to encode your username/email address and your password.
    • smtp_auth_web_base64_encode_email
      The outcome of the above will produce: c2hhaUBzaGFpLWFydml4ZS5jb20=
    • smtp_auth_web_base64_encode_password
      The outcome of the above will produce: bjw1JWptPm5+OWtjVjdpRi9IIl5HcEhnaHMwNX53eE1KPCYsSWZjOTN2Ln1fMmJRPlJlUHFecXI9U3MpLClm

Second Option:

  • shai@ubuntu:~$ perl -MMIME::Base64 -e ‘print encode_base64(“shai\@shai-arvixe.com”);’
    c2hhaUBzaGFpLWFydml4ZS5jb20=
    (Note: Notice how I had to escape the @ sign with a backslash)
  • shai@ubuntu:~$ perl -MMIME::Base64 -e ‘print encode_base64(“n<5%jm>n~9kcV7iF/H\“^GpHghs05~wxMJ<&,Ifc93v.}_2bQ>RePq^qr=Ss),)f”);’
    bjw1JWptPm5+OWtjVjdpRi9IIl5HcEhnaHMwNX53eE1KPCYsSWZjOTN2Ln1fMmJRPlJlUHFecXI9U3MpLClm
    (Note: Notice how I had to escape the sign with a backslash)

Now you can use telnet on your Windows/Linux box to test the SMTP Authentication:
(In Orange is text I typed)

  • shai@ubuntu:~$ telnet test.arvixe.com 25
    Trying 192.168.1.200…
    Connected to test.arvixe.com.
    Escape character is ‘^]’.
    220-test.arvixe.com ESMTP Exim
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    EHLO
    250-test.arvixe.com Hello l192-168-1-199.cable.internal.net [192.168.1.199]
    250-SIZE 52428800
    250-PIPELINING
    250-AUTH PLAIN LOGIN
    250-STARTTLS
    250 HELP
    AUTH LOGIN
    334 VXNlcm5hbWU6
    c2hhaUBzaGFpLWFydml4ZS5jb20=
    334 UGFzc3dvcmQ6
    bjw1JWptPm5+OWtjVjdpRi9IIl5HcEhnaHMwNX53eE1KPCYsSWZjOTN2Ln1fMmJRPlJlUHFecXI9U3MpLClm
    235 Authentication succeeded
    MAIL FROM: [email protected]
    250 OK
    RCPT TO: [email protected]
    250 Accepted
    DATA
    354 Enter message, ending with “.” on a line by itself
    From: Shai’s blog <[email protected]>
    Subject: testing 0940
    This is another test.

    Shai
    .
    250 OK id=1NLtun-0005EK-6i
  • Well, what do you know, it arrived
    smtp_auth_email_arrived
Tags: , , ,

This entry was posted on Saturday, December 19th, 2009 at 12:13 am and is filed under Internet, Linux Server Admin, Mail, Webmail. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply






8 + = twelve