Testing SMTP servers with SWAKS

Posted by Steve on Mon 6 Apr 2009 at 11:24

When changing software configuration it is always a good idea to test things as thoroughly as you can. In the case of SMTP it is generally possible to test things offline pretty easily, and then perform simple tests via a manual telnet - but the SWAKS tool makes SMTP-testing even simpler.

SMTP (email) servers are generally pretty simple to setup, but there are a lot of cases where the configuration becomes non-trivial, especially when you're dealing with handling mail for multiple domains and SMTP-time testing.

Exim is the default SMTP server in Debian GNU/Linux and generally it is quite straightforward to configure. In the case where you have problems you can often find help:

  • The server logs errors pretty nicely by default (/var/log/exim4/*).
  • There are commands to test delivery (e.g. "exim -bt steve@example.org").
  • Several exim cheatsheets exist.

Still you might still want to test changes, particularly those relating to authenticating clients for relaying mail through your server, and for that purpose swaks is ideal.

The swaks package contains a tool which allows you to watch an SMTP conversation, feeding it pretty flexible commands.

Once installed ("aptitude install swaks") the usage is pretty simple:

skx@gold:~$ swaks --to steve@steve.org.uk --from steve@steve.org.uk
=== Trying mail.steve.org.uk:25...
=== Connected to mail.steve.org.uk.
<-  220 skx.xen-hosting.net ESMTP qpsmtpd 0.32 ready; send us your mail, but not your spam.
 -> EHLO remote.steve.org.uk
<-  250-skx.xen-hosting.net Hi remote.steve.org.uk [82.41.52.197]
<-  250-PIPELINING
<-  250-8BITMIME
<-  250 AUTH PLAIN CRAM-MD5
 -> MAIL FROM:<steve@steve.org.uk>
<-  250 <steve@steve.org.uk>, sender OK - how exciting to get mail from you!
 -> RCPT TO:<steve@steve.org.uk>
<-  250 <steve@steve.org.uk>, recipient ok
 -> DATA
<-  354 go ahead
 -> Date: Sun, 05 Apr 2009 23:04:57 +0100
 -> To: steve@steve.org.uk
 -> From: steve@steve.org.uk
 -> Subject: test Sun, 05 Apr 2009 23:04:57 +0100
 -> X-Mailer: swaks v20061116.0 jetmore.org/john/code/#swaks
 ->
 -> This is a test mailing
 ->
 -> .
<-  250 Queued!
 -> QUIT
<-  221 skx.xen-hosting.net closing connection. Have a wonderful day.
=== Connection closed with remote host.

This trace shows that we can send mail from our system to the remote one, and showed each step of the SMTP conversation. Almost every stage of the SMTP conversation may be controlled via command line flags. Assuming you have a server mail.example.org setup to allow relaying to authenticated users you can test this via the authentication options like so:

skx@gold:~$ swaks --to somebody.external@gmail.com \
   --from=steve@example.org \
   --auth \
   --auth-user=steve \
   --auth-password=hell-no \
   --server mail.example.org

This will result in a conversation looking something like this:

..
<-  250-mail.example.org Hi remote.server.name [1.2.3.4]
<-  250-PIPELINING
<-  250-8BITMIME
<-  250 AUTH PLAIN CRAM-MD5
 -> AUTH CRAM-MD5
<-  334 PGQ4ZcakejQ5ZDcheeseiQHNreC54ZW4taG9zpiesZy5uZXQ+
 -> c3RldsubliminalZmZDMxZmVkNmJjswimM2M4M2VkM2IsmileMDg=
<-  235 Authentication successful for steve - Authenticated steve; relaying permitted
 -> MAIL FROM:<steve@example.org>
<-  250 <steve@example.org>, sender OK - how exciting to get mail from you!
 -> RCPT TO:<external.username@gmail.com>
<-  250 <external.username@gmail.com>, recipient ok
..

In general testing SMTP by hand isn't terribly difficult - the different stages of an SMTP dialog are well documented - but swaks is a useful tool to bear in mind if you're in a hurry to test a mailserver, especially when you're trying to debug authentication issues.

There are a lot of options that you can pass to SWAKS, for example you can change the "HELO" name sent to the remote server with "--helo", which can be useful to test SPAM restrictions.

Here is an example of specifying the server to connect to explicitly, and then sending an unqualified hostname to it:

skx@gold:~$ swaks --server mail.example.org --helo=unqualified --to steve@example.org
=== Trying mail.example.org:25...
=== Connected to mail.example.org.
<-  220 mail.example.org ESMTP qpsmtpd 0.32 ready; send us your mail, but not your spam.
 -> HELO unqualified
<** 550 Please use a qualified helo name.
*** Remote host closed connection unexpectedly.

Once you've installed the package you can see the numerous documented options by running "man swaks".

 

 


Posted by Anonymous (80.50.xx.xx) on Mon 6 Apr 2009 at 12:45
Thanks, Great tool!

[ Parent | Reply to this comment ]

Posted by bdenning (124.187.xx.xx) on Mon 6 Apr 2009 at 12:57
[ Send Message ]
Yet another good sysadmin tool to add to my tool belt. Thanks for tutorial.

[ Parent | Reply to this comment ]

Posted by trakic (93.162.xx.xx) on Wed 8 Apr 2009 at 22:11
[ Send Message | View Weblogs ]
You might also consider using Python for that:

python -m smtpd -n -c DebuggingServer localhost:1025

More info:
http://www.python.org/doc/2.5.2/lib/module-smtpd.html

br.admir trakic,copenhagen,dk

[ Parent | Reply to this comment ]

Posted by Anonymous (87.79.xx.xx) on Sun 12 Apr 2009 at 00:16
It is worth mentioning that you will almost always want to install libnet-ssleay-perl and libnet-dns-perl, even though these are only "Suggests".

[ Parent | Reply to this comment ]

Posted by Anonymous (195.54.xx.xx) on Fri 29 May 2009 at 16:46
Indeed - libnet-ssleay-perl is required if you want to use the TLS encryption options during testing.

[ Parent | Reply to this comment ]

Posted by Anonymous (80.237.xx.xx) on Fri 29 May 2009 at 00:19
Sanx wery good tool. Спасибо, очень хорошая весчь!

[ Parent | Reply to this comment ]

Posted by Anonymous (154.20.xx.xx) on Thu 18 Jun 2009 at 05:56
Is it possible for SWAKS to send Pipelining SMTP command? Can somebody tell me and how,thanks.

[ Parent | Reply to this comment ]

Posted by Anonymous (72.69.xx.xx) on Mon 16 Nov 2009 at 18:44
--pipeline

[ Parent | Reply to this comment ]

Posted by Anonymous (62.143.xx.xx) on Mon 29 Mar 2010 at 11:34
HI, does anybody know any test tool like swaks for IMAP? Thanks!

[ Parent | Reply to this comment ]

Sign In

Username:

Password:

[Register|Advanced]

 

Flattr

 

Current Poll

Which init system are you using in Debian?






( 1045 votes ~ 6 comments )