Posted on December 1, 2017 · Posted in Exchange

Sending Email via Telnet Using SMTP Authentication

In some cases, in order to test or diagnose e-mail service, an administrator has to check the sending of emails through their Exchange servers (and other email servers) from certain hosts.If a server doesn’t require an authentication (open-relay server), you can send an e-mail from telnet command prompt. However, in most cases, the mailbox servers require the authentication to send an e-mail. In this example, we’ll show how to perform AUTH LOGIN authentication on the SMTP server and send an e-mail using telnet console.

In Exchange terms, AUTH LOGIN is the basic authentication, when user name and password are transmitted over the network encoded using base64 algorithm. The administrators do not usually disable Basic Authentication on the most of internal Exchange servers. You can see if it is supported in the settings of the Receive connector.

Basic Authentication on Receive Exchange connector

Note. Please, pay your attention that if the attacker has got an access to the communication channel, he can easily capture and decrypt user credentials encoded with Base64. So this authentication method is recommended only for private corporate networks.

To authenticate on the mail server using AUTH LOGIN, you need to convert the user name and password from which the message will be sent to the Base64 format. You can do it using scripts or online services. I used this website: https://www.base64encode.org/.

The user name test_user@woshub.com looked like dGVzdF91c2VyQHdvc2h1Yi5jb20g in Base64

The password $up3RsTr)ng turned into JHVwM1JzVHIpbmc= in Base64

base64 encoding

Connect to Port 25 (SMTP) of your e-mail server in the command prompt using Telnet (I’ll highlight the commands to be entered in blue)

telnet mail.woshub.com 25

If it is Exchange, it will return something like:

220 mail.woshub.com Microsoft ESMTP MAIL Service ready at Thu, 11 Nov 2017 10:22:31 +0300

Let’s introduce ourselves:

ehlo sender.woshub.com

The server will return the list of supported authentication types and options. As you can see, there is AUTH LOGIN in the list.

250-mail.woshub.com Hello [192.168.1.115]
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH LOGIN
250-8BITMIME
250-BINARYMIME
250 CHUNKING

Ask the SMTP server to authenticate us using the current account:

AUTH LOGIN

The server will respond:
334 VXNlcm5hbWU6

Now copy and paste the user name in Base64 format we encrypted earlier:
dGVzdF91c2VyQHdvc2h1Yi5jb20g

The server will respond:

334 UGFzc3dvcmQ6.

Then copy and paste the password in Base64 format:
JHVwM1JzVHIpbmc=

If the user name and password are correct, the server will return:
235 2.7.0 Authentication successful

If not:

535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6

telnet - AUTH-LOGIN

It’s time to fill in the standard e-mail fields:

mail from: test_user@woshub.com
250 2.1.0 Sender OK
rcpt to: root@woshub.com
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
from: TestUser <test_user@woshub.com><
to: TheMainAdmin < root@woshub.com >
Subject: Test BASE SMTP Authenticated via Telnet
This is test
.
250 2.6.0 <ae80543d-cb8a-5c45-ad80-23b1985df753@mail.woshub.com> [InternalId=6334284] Queued mail for delivery

send email using telnet

QUIT

221 2.0.0 Closing connection.
Connection closed by foreign host.

This is all, and the e-mail will be successfully delivered to the recipient mailbox.

Previous:
Next:
Related Articles