Sysadmin Blog

Test SMTP Auth

info@cyberbyte.ch (Mike Rhyner) — Thu, 24 Sep 2015 17:07:07 GMT

Sometimes, you need to test SMTP auth (for sending e-mails) is working properly and you don't want (or can't) test with an ordinary email client.

One can test using a telnet session. But first, you must encode username and password using this command snipplet:

echo -en "testlogin" | openssl enc -base64
dGVzdGxvZ2lu
echo -en "testpass" | openssl enc -base64
dGVzdHBhc3M=

Then:

telnet  25 (or 587)

Now you do the same as an e-mail client:

HELO mybox.mydomain.tld
250 host.domain.tld
AUTH LOGIN
334 VXNlcm5hbWU6
dGVzdGxvZ2lu
334 UGFzc3dvcmQ6
dGVzdHBhc3M=
235 2.7.0 Authentication successful
quit
221 2.0.0 Bye

If something with "Authentication successful" appears, login was able to authenticate against the mail server for sending e-mail.

REMARK: There are some other sites with examples in perl that don't work with full e-mail address usernames (user@domain.tld) because of lack of escaping the "@" sign that designates a perl array.

Detect and block abuse of (cracked) e-mail account

info@cyberbyte.ch (Mike Rhyner) — Fri, 28 Feb 2014 09:45:39 GMT

To avoid bad things(TM) caused by a cracked e-mail account on our postfix mailserver, I used the script Check Auth Log to detect abnormal high numbers of logins or logins from many different IP addresses within a certain time onto a certain account. Then the script will lock out the account. This, together with per-session limits within postfix configuration (smtpd_client_message_rate_limit, smtpd_client_recipient_rate_limit), should help to avoid or at least mitigate the damage caused by cracked accounts, i.e. SMTP server being blacklisted.

Obsolete Mail Domain Reporter

info@cyberbyte.ch (Mike Rhyner) — Thu, 21 Feb 2013 14:14:14 GMT

Introduction

The abbreviation "OMDR" stands for "obsolete mail domain reporter" and is a small shell script intended to find obsolete MX records to keep your mailserver clean and sane

As a source of currently configured domain can be either
* a textfile, every hosted domain on a seperate line
* a directory tree with the domains

Download

Get the script here

Usage

1. Copy the shell script to your mail server

2. Open the script within an text editor. There are several configuration options at the beginning of the script to adapt the script to your environment. See comment within the script itself!

3. After running the script, you end up with a file that contains all domains that are claimed not to be active any more on that particular mail host

Copyright

This script was written by Mike Rhyner for Adfinis Sygroup AG.

Postfix Mail Queue Manager

info@cyberbyte.ch (Mike Rhyner) — Fri, 28 Sep 2012 22:00:00 GMT

Description

This PHP script shows the content of the mail queues of multiple servers and give you the possibility to hold, release, delete and reqeue single messages.

If you install a tiny wrapper script on mail servers, you may even remove or requeue multiple messages from a certain sender.

In addition, you can also requeue all messages (sendmail -q).

Download

Download the gzip'ped tar archive

Prerequisites:

On a web- or intranet accessible host (access protection highly recommended!):
- Web Server with PHP script language support (shell_exec function has to be enabled)
- Key-based SSH access to mail servers for webserver user

On mail servers:
- Postfix
- sudo

Installation

Unpack the archive beneath a webserver document root

Adapt the variables $mailservers and $user to your needs, if you like to use the selection by sender e-mail address feature, configure also variable $wrapper_cmd

Add the following lines to /etc/sudoers on the mail server(s), assuming user admin for login to the mail server(s) (change it to your needs):

admin    ALL=(ALL) NOPASSWD: /usr/sbin/postsuper
admin    ALL=(ALL) NOPASSWD: /usr/sbin/postqueue
admin    ALL=(ALL) NOPASSWD: /usr/local/bin/mailqueue.sh

(last line only needed for selection by sender address)

If you want to use the selection by e-mail address feature, put mailqueue.sh to some path on the mail server(s) and make it executable, e.g.:

cp mailqueue.sh /usr/local/bin/mailqueue.sh
chmod 755 /usr/local/bin/mailqueue.sh

Try it out using http://yourwebserver/mailqmgr/index.php