Does this service works as designed ?
We often need to test if a service is correctly configured for authentication without the hassle of configuring a client like Evolution or Thunderbird.
So, we will use a simple telnet client and we will mimic the dialog between client and server.
Imap is very straightforward to test. Your command are in bold, just replace <user> and <password> with proper values.
telnet localhost imap Trying ::1... Connected to localhost. Escape character is '^]'. A1 LOGIN <user> <password> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.A1 login <username> <password> A1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES ...] Logged in A2 LOGOUT * BYE Logging out A2 OK Logout completed. Connection closed by foreign host.
In case of a failure, you will see an answer like this
A1 NO [AUTHENTICATIONFAILED] Authentication failed.
Hint: You can issue several commands just prefix them with a different sequence number (A1, A2, A….)
IMAP authentication with TLS
If you need a TLS connection before login just replace your telnet command with :
openssl s_client -starttls imap -connect localhost:143
This protocol also permits testing with an preliminary task of base64 encoding your user and password in the same string. There are several ways to get the result, depending on what is available on the machine.
Here are several possibilities :
# With the base64 binary echo echo -ne '\0login\0password' | base64 ZWNobyAtbmUgXDBsb2dpblwwcGFzc3dvcmQK # Or use Openssl echo echo -ne '\0login\0password' | openssl base64 ZWNobyAtbmUgXDBsb2dpblwwcGFzc3dvcmQK # Or use Perl perl -MMIME::Base64 -e 'print encode_base64("\0login\0password")' ZWNobyAtbmUgXDBsb2dpblwwcGFzc3dvcmQK
And an online base64 converter
Once you have your base64 encoded string, you can use copy and use it during the dialog with the server.
telnet localhost 25 Trying ::1... Connected to localhost. Escape character is '^]'. 220 mail.testserver.com ESMTP Postfix EHLO toto 250-mail.adinfrance.com 250-PIPELINING 250-SIZE 40000000 250-ETRN 250-AUTH PLAIN 250-AUTH=PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN ZWNobyAtbmUgXDBsb2dpblwwcGFzc3dvcmQK 235 2.7.0 Authentication successful QUIT 221 2.0.0 Bye
In case of a wrong authentication you will receive this kind of error message
435 4.7.8 Error: authentication failed:
Testing SMTP with TLS support enabled
Sometimes, server authentication requires a secure connection, replace your telnet command by openssl
openssl s_client -starttls smtp -connect locahost:25
When you have the prompt just start with the EHLO string
Testing with SMTPS (aka SSMTP)
Same as before, just start with :
openssl s_client -connect localhost:465
And start testing after the SSL stuff.