Introduction
From time to time you may find that you need to verify email user authentication in a client-agnostic way. The following process explains how you can perform such a test.
Procedure
The first thing you need to do is get a base64 encoded version of the username and password. There are several ways to do this, for our purposes we'll use the following perl method:
perl -MMIME::Base64 -e 'print encode_base64("someuser\@somedomain.tld");' perl -MMIME::Base64 -e 'print encode_base64("somepassword");'
Save the returned values somewhere safe for the moment as you will need them later.
Next, access your server using telnet over port 25 (SMTP)
telnet yourserver.tld 25
Substituting yourserver.tld with the primary IP or the hostname of your server.
Next, we need to EHLO into the mail server:
EHLO yourdomain.tld
Where yourdomain.tld is the domain you wish to test against.
Next, specify that you are attempting to authenticate:
AUTH LOGIN
The server should return 334 VXNlcm5hbWU6;
. This is the word "Username:" base64 encoded. On the new line created paste the base64 encoded username you created earlier; Using our example username that would be:
c29tZXVzZXJAc29tZWRvbWFpbi50bGQ=
If successful, the server should return 334 UGFzc3dvcmQ6;
. As previously this is the base64 encoded string "Password:". On the newest line enter your base64 encoded password; Once more using our example this would be:
c29tZXBhc3N3b3Jk
Now you should have received a message telling you that you successfully authenticated.
[00:00:00 host root@server ~]cPs# telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220-host.server.tld ESMTP Exim 4.94.2 #2 Sat, 19 Mar 2022 18:11:25 +0100
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
EHLO somedomain.tld
250-host.server.tld Hello somedomain.tld [::1]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPE_CONNECT
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
AUTH LOGIN
334 VXNlcm5hbWU6
c29tZXVzZXJAc29tZWRvbWFpbi50bGQ=
334 UGFzc3dvcmQ6
c29tZXBhc3N3b3Jk
235 Authentication succeeded
Comments
0 comments
Article is closed for comments.