Differences between revisions 1 and 15 (spanning 14 versions)

SMTP Simple mail transfer protocol

SMTP / Email spoof tests

https://emailspooftest.com/
Basic server test 2023 - https://ssl-tools.net/mailservers
Test mail - http://www.allaboutspam.com/email-server-test/ -> Send mail to "test @ allaboutspam.com"
2023-06 http://mail-server-test.online-domain-tools.com/
Website check - https://www.amberloom.com/
https://internet.nl/test-mail/
2023-06 send test email to server https://www.wormly.com/test-smtp-server/
https://mxtoolbox.com/emailhealth
2023-06 apply to remove IP from https://www.spamrats.com/

Check / Removal spam lists

2023-06 Fixed https://spfbl.net/en/delist/ ==> check https://matrix.spfbl.net/103.252.118.112
rbl.rbldns.ru

Verify smtp ssl/tls certificate

printf 'quit\n' | openssl s_client -connect mail.example.com:25 -starttls smtp | openssl x509 -dates -noout

printf 'quit\n' | openssl s_client -connect smtp.vigor.nz:25 -starttls smtp | openssl x509 -dates -text | grep "verify\|notAfter=\|vigor\|SAN\|DNS:\|Subject Alternative Name:"

Debug smtp sasl starttls authentication

Connect and move to tls protected channel

$ openssl s_client -starttls smtp -crlf -connect vigor.nz:25
ehlo testconnection
auth plain (base64encodedstring)

test sasl (/etc/sasldb2 )with

# sasldblistusers2
# testsaslauthd -u user -p password -f /var/spool/postfix/var/run/saslauthd/mux

add user to sasl

saslpasswd -c -u mail.example.com -a smtpauth test

view postfix smtp logs using journalctl
```
journalctl -u postfix@-.service  -f
```

Check tls certificate on smtp server

# echo "quit" | openssl s_client -starttls smtp -crlf -connect <smtp.host>:25 | openssl x509 -noout -text | grep DNS:

...

-  ⇤ ← Revision 1 as of 2018-12-30 21:02:00 → 
  Size: 245
  Editor: PieterSmit
  Comment:
+   ← Revision 15 as of 2024-02-08 09:50:04 → ⇥
  Size: 1911
  Editor: PieterSmit
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 1:
-Line 4:
+Line 3:
 Line 5:
+== SMTP / Email spoof tests ==
 * [[https://emailspooftest.com/]]
 * Basic server test 2023 - [[https://ssl-tools.net/mailservers]]
 * Test mail - [[http://www.allaboutspam.com/email-server-test/]] -> Send mail to "test @ allaboutspam.com"
 * (./) 2023-06 [[http://mail-server-test.online-domain-tools.com/]]
 * Website check - [[https://www.amberloom.com/]]
 * [[https://internet.nl/test-mail/]]
 * (./) 2023-06 send test email to server [[https://www.wormly.com/test-smtp-server/]]
 * [[https://mxtoolbox.com/emailhealth]]
 * (./) 2023-06 apply to remove IP from [[https://www.spamrats.com/]]

== Check / Removal spam lists ==
 * (./) 2023-06 Fixed [[https://spfbl.net/en/delist/]]  ==> check [[https://matrix.spfbl.net/103.252.118.112]]
 *  rbl.rbldns.ru

== Verify smtp ssl/tls certificate ==

 * {{{
printf 'quit\n' | openssl s_client -connect mail.example.com:25 -starttls smtp | openssl x509 -dates -noout

printf 'quit\n' | openssl s_client -connect smtp.vigor.nz:25 -starttls smtp | openssl x509 -dates -text | grep "verify\|notAfter=\|vigor\|SAN\|DNS:\|Subject Alternative Name:"
}}}
-Line 10:
+Line 33:
+ehlo testconnection
auth plain (base64encodedstring)
}}}

 * test sasl (/etc/sasldb2 )with {{{
# sasldblistusers2
# testsaslauthd -u user -p password -f /var/spool/postfix/var/run/saslauthd/mux
}}}

 * add user to sasl {{{
saslpasswd -c -u mail.example.com -a smtpauth test
}}}

 * view postfix smtp logs using journalctl {{{
journalctl -u postfix@-.service  -f
}}}

 * Check tls certificate on smtp server {{{
# echo "quit" | openssl s_client -starttls smtp -crlf -connect <smtp.host>:25 | openssl x509 -noout -text | grep DNS: