Testing SMTP servers with SWAKS

Posted by Steve on Mon 6 Apr 2009 at 11:24

When changing software configuration it is always a good idea to test things as thoroughly as you can. In the case of SMTP it is generally possible to test things offline pretty easily, and then perform simple tests via a manual telnet - but the SWAKS tool makes SMTP-testing even simpler.

SMTP (email) servers are generally pretty simple to setup, but there are a lot of cases where the configuration becomes non-trivial, especially when you're dealing with handling mail for multiple domains and SMTP-time testing.

Exim is the default SMTP server in Debian GNU/Linux and generally it is quite straightforward to configure. In the case where you have problems you can often find help:

Still you might still want to test changes, particularly those relating to authenticating clients for relaying mail through your server, and for that purpose swaks is ideal.

The swaks package contains a tool which allows you to watch an SMTP conversation, feeding it pretty flexible commands.

Once installed ("aptitude install swaks") the usage is pretty simple:

skx@gold:~$ swaks --to steve@steve.org.uk --from steve@steve.org.uk
=== Trying mail.steve.org.uk:25...
=== Connected to mail.steve.org.uk.
<-  220 skx.xen-hosting.net ESMTP qpsmtpd 0.32 ready; send us your mail, but not your spam.
 -> EHLO remote.steve.org.uk
<-  250-skx.xen-hosting.net Hi remote.steve.org.uk [82.41.52.197]
<-  250-PIPELINING
<-  250-8BITMIME
<-  250 AUTH PLAIN CRAM-MD5
 -> MAIL FROM:<steve@steve.org.uk>
<-  250 <steve@steve.org.uk>, sender OK - how exciting to get mail from you!
 -> RCPT TO:<steve@steve.org.uk>
<-  250 <steve@steve.org.uk>, recipient ok
 -> DATA
<-  354 go ahead
 -> Date: Sun, 05 Apr 2009 23:04:57 +0100
 -> To: steve@steve.org.uk
 -> From: steve@steve.org.uk
 -> Subject: test Sun, 05 Apr 2009 23:04:57 +0100
 -> X-Mailer: swaks v20061116.0 jetmore.org/john/code/#swaks
 ->
 -> This is a test mailing
 ->
 -> .
<-  250 Queued!
 -> QUIT
<-  221 skx.xen-hosting.net closing connection. Have a wonderful day.
=== Connection closed with remote host.

This trace shows that we can send mail from our system to the remote one, and showed each step of the SMTP conversation. Almost every stage of the SMTP conversation may be controlled via command line flags. Assuming you have a server mail.example.org setup to allow relaying to authenticated users you can test this via the authentication options like so:

skx@gold:~$ swaks --to somebody.external@gmail.com \
   --from=steve@example.org \
   --auth \
   --auth-user=steve \
   --auth-password=hell-no \
   --server mail.example.org

This will result in a conversation looking something like this:

..
<-  250-mail.example.org Hi remote.server.name [1.2.3.4]
<-  250-PIPELINING
<-  250-8BITMIME
<-  250 AUTH PLAIN CRAM-MD5
 -> AUTH CRAM-MD5
<-  334 PGQ4ZcakejQ5ZDcheeseiQHNreC54ZW4taG9zpiesZy5uZXQ+
 -> c3RldsubliminalZmZDMxZmVkNmJjswimM2M4M2VkM2IsmileMDg=
<-  235 Authentication successful for steve - Authenticated steve; relaying permitted
 -> MAIL FROM:<steve@example.org>
<-  250 <steve@example.org>, sender OK - how exciting to get mail from you!
 -> RCPT TO:<external.username@gmail.com>
<-  250 <external.username@gmail.com>, recipient ok
..

In general testing SMTP by hand isn't terribly difficult - the different stages of an SMTP dialog are well documented - but swaks is a useful tool to bear in mind if you're in a hurry to test a mailserver, especially when you're trying to debug authentication issues.

There are a lot of options that you can pass to SWAKS, for example you can change the "HELO" name sent to the remote server with "--helo", which can be useful to test SPAM restrictions.

Here is an example of specifying the server to connect to explicitly, and then sending an unqualified hostname to it:

skx@gold:~$ swaks --server mail.example.org --helo=unqualified --to steve@example.org
=== Trying mail.example.org:25...
=== Connected to mail.example.org.
<-  220 mail.example.org ESMTP qpsmtpd 0.32 ready; send us your mail, but not your spam.
 -> HELO unqualified
<** 550 Please use a qualified helo name.
*** Remote host closed connection unexpectedly.

Once you've installed the package you can see the numerous documented options by running "man swaks".


This article can be found online at the Debian Administration website at the following bookmarkable URL (along with associated comments):

This article is copyright 2009 Steve - please ask for permission to republish or translate.