command in windows and linux to check a remote SMTP server is responding

Posted on

Problem :

what is the command we use in Windows AND Linux to check if a remote SMTP server (192.168.5.5) is responding to SMTP commands?

Solution :

How do I check if a remote SMTP server is responding to SMTP commands?

Use telnet.

telnet smtp.example.com 25

Notes:

  • See Install Telnet Client if telnet is not installed on your version of Windows.
  • Replace smtp.example.com with 192.168.5.5
  • Once you are connected with telnet you can use SMTP Commands to talk to the server:
    S: 220 smtp.server.com Simple Mail Transfer Service Ready
    C: HELO client.example.com
    S: 250 Hello client.example.com
    C: MAIL FROM:
    S: 250 OK
    C: RCPT TO:
    S: 250 OK
    C: DATA
    S: 354 Send message content; end with .
    C: 
    C: .
    S: 250 OK, message accepted for delivery: queued as 12345
    C: QUIT
    S: 221 Bye

where S: is the server and C: is the client (telnet).


Further reading

Windows doesn’t have telnet enabled by default.. and the telnet client isn’t that good. So may as well install cygwin.

Then it’d be

nc 3.4.5.6 25

If you want to use telnet to connect then you have to enable the telnet client first. See ctrl panel..programs and features.. then on the far left, “turn windows features on or off”, click there. Then the window comes up to turn window features on and off, the list is in alphabetical order, click telnet client. You can leave telnet server unticked. So it just enables the telnet client.

You can then do

telnet 3.4.5.6 25

This is enabling the telnet client in windows 7. It is already installed, in the sense that you don’t need to point to installation files like when windows features needed installing in xp, it’s just not enabled. (And XP had the telnet client enabled by default by the way.. xp didn’t have this issue of things being installed and not enabled). By the way, with the telnet server if you did tick the box it’d make the service appear in services.msc but not started, the service would be listed but what windows in services.msc calls ‘disabled’. And obviously it’s not generally recommended that you run a telnet server.

enter image description here

The thing is that sometimes they can use an SSL server.

There are two types of SMTP with SSL, the older one tends to be on port 465 which is implicit SSL which starts with SSL. They’re discussed here https://www.fastmail.com/help/technical/ssltlsstarttls.html
For that, implicit SSL, nc or telnet alone won’t help you. You’d need either stunnel with (nc or telnet). Or, openssl. The more common form of SMTP with SSL, tends to be on port 587 And is explicit SSL, which starts non-SSL then goes SSL. For that, nc or telnet can be used just to see that it’s SMTP over SSL. OpenSSL running on port 25 could be plain SSL but is often explicit SSL.

BTW technically we’re not talking about SSL anymore it’s all TLS.. TLS followed from SSL v3 then you got TLS versions. SSL is old, TLS starting TLS 1.0 e.t.c. is more modern. SSL 3.0 really got phased out a lot since the poodle bug.

Regarding openssl, Grawity has an epic post covering that, and another answer here covers that too Can the telnet or netcat clients communicate over SSL?

(You may or may not need -crlf )

 openssl s_client  -connect 1.2.3.4:465

 openssl s_client  -connect 1.2.3.4:465


  openssl s_client -connect 1.2.3.4:587 -starttls smtp

  openssl s_client -connect 1.2.3.4:25 -starttls smtp

Once connected, there are SMTP commands so you could send an email but you don’t need to if you just want to see if the server is responding.

If you’re just checking for a response and don’t need to send an email, then the only time you’d really need openssl is for implicit SSL – port 465

Leave a Reply

Your email address will not be published.