Michael O.
3min Read

Testing Email Protocols from the command line

mail protocols

Have you ever wondered what sort of conversation occurs between mail servers?

Here is a guide on MTA-Speak and how to see if your mail server is actually working or not, ordered by email protocols. You will need a telnet client installed to run these tests and some form of SSL for the SSL/TLS tests.

Simple Mail Transport Protocol ( SMTP)

The standard SMTP conversation is always a push event (email is always sent, never requested). It occurs when you send email from your Mail User Agent (MUA) such as Outlook or Thunderbird, and the mail server.

SMTP exchanges also occur from mail server to mail server and can occur across multiple hops before the email reaches its final destination. The default ports on which we connect to SMTP are port 25 (usually for plaintext and/or non-authenticated) and port 995 for SSL. Other ports may be used and SSL/TLS can occur on any port.

Let’s see a typical SMTP session to a hypothetical server called ‘mailboss.lan’ . The italic sections are what we type, the rest is the SMTP server response.

telnet mailboss.lan 25
Trying 123.121.123.25...
Connected to mailboss.lan.
Escape character is '^]'.
220-mailboss.lan ESMTP Exim 4.29 #1 Mon, 28 Oct 2017 19:57:53 +0200
helo testsender.home.net
250 mailboss.lan Hello testsender.home.net [11.22.11.22]
mail from:tester@home.net
250 OK
rcpt to:recipient@mailboss.lan
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
Subject: Test
Testing SMTP
.
250 OK id=1e9ELh-0003fA-6F
quit
221 mailboss.lan closing connection
Connection closed by foreign host.

If you want to test this via an SSL session, the procedure is almost the same, it just starts differently.

openssl s_client -starttls smtp -crlf -connect mailboss.lan:25
CONNECTED (followed by a lot of detail on the SSL cert - the important lines to look for are below)
Server public key is 2048 bit
Secure Renegotiation IS supported
(the SMTP session starts after the following)
Verify return code: 0 (ok)
---
250
helo testsender.home.net 
250 mailboss.lan Hello testsender.home.net [11.22.11.22] ...etc.

Post Office Protocol version 3 (POP3)

telnet pop.mailboss.lan 110
Trying 123.121.123.110... 
Connected to pop.mailboss.lan. 
Escape character is '^]'.
+OK The Microsoft Exchange POP3 service is ready. (this will differ according to the type of server used)

The same as for SMTP to test SSL.

openssl s_client -connect pop.mailboss.lan:995
<certificate verification output>
+OK The Microsoft Exchange POP3 service is ready.

Internet Message Access Protocol (IMAP)

telnet imap.mailboss.lan 143
Trying 123.121.123.110... 
Connected to imap.mailboss.lan. 
Escape character is '^]'.
+OK The Microsoft Exchange IMAP4 service is ready. (this will differ according to the type of server used)

Once again, SSL has the same syntax after the session has been secured by the certificate exchange.

openssl s_client -connect imap.mailboss.lan:993
<certificate verification output>
* OK The Microsoft Exchange IMAP4 service is ready.

In summary

The commands above will work for both a Linux and a Windows mail server as the protocols are operating system agnostic and inter-system compatible. The tests are pretty simple and are a quick way to analyse server response.

If you ever get a “Could not Connect/Failed to Connect” error, it means that the server or the relevant service is not running. Conversely, if you should get a “Could not Resolve” error, it means that there is a potential DNS issue. If, however, you get a “Connection denied/refused“, this means that you are blocked by a firewall.

Happy Hosting.


The Author

Michael O.

Michael is the founder, managing director, and CEO of HOSTAFRICA. He studied at Friedrich Schiller University Jena and was inspired by Cape Town's beauty to bring his German expertise to Africa. Before HOSTAFRICA, Michael was the Managing Director of Deutsche Börse Cloud Exchange AG, one of Germany's largest virtual server providers.

More posts from Michael