使用telnet来测试smtp服务器和授权登录以及smtp 命令
Posted On 2013年8月22日
下面是有关如何使用Telnet对邮件服务器测试SMTP AUTH测试(手动输入命令的测试)。
您需要做的第一件事是获取用户名和密码的base64编码。有几种方法可以做到这一点,下面的示例使用Perl:
perl -MMIME :: Base64 -e'print encode_base64(“username”);' perl -MMIME :: Base64 -e'print encode_base64(“password”);'
如果你有任何特殊字符,如@或’或!你必须把\放在它面前才能正确的转换(进行转义)。
命令返回的是用户名和密码的base64编码;
telnet mailserver.com 25
hello邮件服务器:
EHLO mailserver.com
告诉要使用它进行身份验证的服务器:
AUTH LOGIN
服务器应该返回334 VXNlcm5hbWU6;这是一个base64编码的字符串,询问您的用户名,粘贴您之前创建的base64编码的用户名,例如:
dXNlcm5hbWUuY29t
现在服务器应该已经返回334 UGFzc3dvcmQ6;。同样,这是一个base64编码的字符串,现在要求您输入密码,粘贴您创建的base64编码密码,例如:
bXlwYXNzd29yZA ==
现在您应该收到一条消息,告诉您已成功通过身份验证。如果失败,您的用户/通行证可能出错或您的邮件服务器已损坏。
以下是Telnet上真正成功的SMTP AUTH连接的日志:
user @ localhost [〜] #telnet exampledomain.com 25 试试1.1.1.1 ...... 连接到exampledomain.com(1.1.1.1)。 逃脱角色是'^]'。 220-server1.exampledomain.com ESMTP Exim 4.66#1 Wed,09 May 2007 23:55:12 +0200 220-我们不授权使用此系统来运输未经请求的, 220和/或批量电子邮件。 EHLO exampledomain.com 250-server1.exampledomain.com您好[1.1.1.2] 250-SIZE 52428800 250流水 250-AUTH PLAIN LOGIN 250-STARTTLS 250帮助 AUTH LOGIN 334 VXNlcm5hbWU6 dXNlcm5hbWUuY29t 334 UGFzc3dvcmQ6 bXlwYXNzd29yZA == 235身份验证成功
| SMTP Commands: | |
|---|---|
| HELO sendinghostname | This command initiates the SMTP conversation. The host connecting to the remote SMTP server identifies itself by it’s fully qualified DNS host name. |
| EHLO sendinghostname | An alternative command for starting the conversation. This states that the sending server wants to use the extended SMTP (ESMTP) protocol. |
| MAIL From:<source email address> | This is the start of an email message. The source email address is what will appear in the “From:” field of the message. |
| RCPT To:<destination email address> | This identifies the receipient of the email message. This command can be repeated multiple times for a given message in order to deliver a single message to multiple receipients. |
| SIZE=numberofbytes | The size command tells the remote sendmail system the size of the attached message in bytes. If ommited, mail readers and delivery agents will try to determine the size of a message based on indicators such as them being terminated by a “.” on a line by themselves and headers being sent on a line separated from body text by a blank line. But these methods get confused when you have headers or header like information embedded in messages, attachements, etc. |
| DATA | This command signifies that a stream of data, ie the email message body, will follow. The stream of data is terminated by a “.” on a line by itself. |
| QUIT | This terminates an SMTP connection. Multiple email messages can be transfered during a single TCP/IP connection. This allows for more efficient transfer of email. To start another email message in the same session, simply issue another “MAIL” command. |
| VRFY username | This command will request that the receiving SMTP server verify that a given email username is valid. The SMTP server will reply with the login name of the user. This feature can be turned off in sendmail because allowing it can be a security hole. VRFY commands can be used to probe for login names on a system. See the security section below for information about turning off this feature. |
| EXPN aliasname | EXPN is similar to VRFY, except that when used with a distribution list, it will list all users on that list. This can be a bigger problem than the “VRFY” command since sites often have an alias such as “all”. |
| Subject: Cc: Reply-To: |
Email header lines are not SMTP commands per se. They are sent in the DATA stream for a message. Header lines appear on a line by themselves, and are seperated from the body of a message by a blank line. |
此篇文章已被阅读2678 次