Connecting to Your SMTP Server with the SMTP-AUTH Login Command

SMTP is the standard protocol for e-mail traffic. Either for sending e-mail from an e-mail client such as Windows Mail in Vista or Outlook Express in previous Windows versions, to entire mail servers sending e-mail between themselves across the Internet.

SMTP used to be anonymous in its origins, with authentication implemented during its evolution. Originally, SMTP servers were typically internal to an organization, receiving mail that was destined for the organization from the outside. These servers were also responsible for relaying messages from the organization to the outside. But, with time, SMTP servers evolved to become message submission agents for e-mail user agents, some of which were now relaying mail from the outside of an organization, such as when a company mobile worker that wants to send e-mail while on a trip using the corporate SMTP server. This meant that the SMTP protocol had to include specific rules and methods for relaying mail and authenticating users to prevent abuses such as spam relaying.

Note: An open mail relay is an SMTP server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users.

While SMTP-AUTH is generally a security improvement over unauthenticated SMTP, it can also introduce a weakness. If authenticated users are allowed to submit messages from IP addresses and unauthenticated users are not, then an attacker who manages to get the credentials of one user’s account is then able to use the authenticated server as an open mail relay. Therefore, every user’s password now becomes a key to the mail system’s security. A good password policy can effectively prevent such an attack.

For more information about SMTP, refer to RFC 821, RFC 2821, RF 2554, RFC 4954 and RFC 5321.

You can use the TELNET command to test and perform SMTP connections and send e-mail.

You can read more about SMTP in my articles on  testing SMTP service in IIS and Exchange and SMTP, POP3 and Telnet in Exchange.

Generally, in order to connect to an SMTP server and send a test email, you need to perform the following tasks:

Note: I’ve used my own incoming mail server. However, you can do the same for ANY mail server – for more information about MX records, check out a previous article I wrote on  configuring MX Records for incoming SMTP email.

Next, you issue a set of textual commands that perform the actual mail sending process:

Note: I’ve removed my IP address, sending e-mail address, and receiving e-mail address from the above sample.

Next, I wanted to be able to send an e-mail through the mail server to an external recipient, that would be considered as relaying. However, since most modern mail servers will not allow for unauthenticated SMTP connections to relay mail through them, we must now add the SMTP-AUTH command to the test procedure. The SMTP-AUTH extension is defined in RFC 4954.

For example, again using my own server:

Relaying to [email protected] is blocked.

So in order to be able to do so, I would have to authenticate to the server prior to attempting to send the e-mail.

Since do I have a valid user name and password, I can use these to authenticate. However, there is one major obstacle in front of us. The encoding of the SMTP-AUTH command. What we need to do is get a base64 encoding of our user name and password.

There are some base64 encoders available, but I personally like using Eb64 and Db64, available here for free:

Small Utils:

So, assuming my user name and passwords for my account are:

[email protected]


I run this command:

and get this output:


And for this command:

I get this output:


The process of authentication is simple. You issue an AUTH LOGIN command prior to providing the source and destination e-mail addresses. From that point onwards, the server and the client “speak” in base64 encoding.

The server should return a 334 VXNlcm5hbWU6 message. This is a base64 encoded string asking you for your username.

After providing it in,the server should have returned 334 UGFzc3dvcmQ6. Again this is a base64 encoded string now asking for your password.

Once you provide that, the server performs the authentication, and if successful, will respond with a 235 2.7.0 Authentication successful message.

So now I go back to my TELNET window and incorporate this information in my connection the the SMTP server:

This concludes the action, and the e-mail was successfully sent.

Related Topics:

  • Exchange Server

    Don't have a login but want to join the conversation? Sign up for a Petri Account