[exim] smtp authorization test via telnet?

Top Pagina
Delete this message
Reply to this message
Auteur: meburke
Datum:  
Aan: exim-users
Onderwerp: [exim] smtp authorization test via telnet?
I periodically test questionable email servers using telnet.

It is increasingly common for e-mail servers to ignore pop-before-smtp in favor
of SMTP authentication. I found a cool tool (gen-auth) at
http://www.jetmore.org (Thanks to members of this list). This script runs on
LINUX and generates various login strings for authenticating the user for
telnet testing.

Here's an example:

$ telnet goofywerks.com 25
Trying 64.246.40.39...
Connected to surfserv.goofywerks.com (XXX.XXX.XXX.XXX).
Escape character is '^]'.
220 surfserv.goofywerks.com ESMTP
auth plain AGp1Z3NAZ29vZnl3ZXJrcy5jb20AQm9pbmdCMDFuZw==
235 go ahead
mail from: jugs@???
250 ok
rcpt to: jugs@???
250 ok
data
354 go ahead
From: jugs@???
To: jugs@???
Subject: LotsaServers tech MEB test1

This is a test. Don't read me.
.
250 ok 1139502549 qp 18726
quit

Notice that the string produced by gen-auth is different from the string
produced by normal base64 encoders:

AGp1Z3NAZ29vZnl3ZXJrcy5jb20AQm9pbmdCMDFuZw==
anVnc0Bnb29meXdlcmtzLmNvbSBCb2luZ0IwMW5n

I've tried a couple of them and get similar results. Both stings seem to decode
to the same output, yet the one generated by gen-auth works and the other one
is mal-formed.

Interestingly enough, the string I get back from mimencode works also:
printf 'user\0jugs@???\0BoingB01ng' |./mimencode
dXNlcgBqdWdzQGdvb2Z5d2Vya3MuY29tAEJvaW5nQjAxbmc=

Only the first string(gen-auth) works with cPanel and exim, but the mimencode
string works with sendmail and qmail also.

Are there a couple of characters I'm missing from the beginning?
Is there a trick to generating the Authentication code in other encoders hat
will work with exim?

I ask, because I won't always have the same LINUX system to try from, nor will
it always be a *nix OS, and I may have to generate the auth codes from
different utilities. My goal is to be able to enter the correct input string
for the username and password and be able to generate either auth plain or auth
login strings.

Thank you for your help,

Mike Burke