[:en]MailServer[:zh]邮件服务器

How to Test Mail Server SMTP AUTH using Telnet

Jack Huang System Admin 0 Comment

1. Use Perl to get base64 encoding of your username and password:

perl -MMIME::Base64 -e 'print encode_base64("username");'
perl -MMIME::Base64 -e 'print encode_base64("password");'

2. Use Telnet to connect to the mail server:

telnet mailserver.com 25

3. Greet the mail server:

EHLO mailserver.com

4. Tell the server you want to authenticate with it:

AUTH LOGIN

5. Enter the base64 encoded Username string:

dXNlcm5hbWU=

6. Enter the base64 encoded Password string:

cGFzc3dvcmQ=

Now you should have received a message telling you “Authentication succeeded”.

Below is a log of a real successful SMTP AUTH connection over Telnet:

user@localhost [~]# telnet testsmtpdomain.com 25
Trying 1.1.1.1...
Connected to testsmtpdomain.com.
Escape character is '^]'.
220-mail.testsmtpdomain.com ESMTP service ready
EHLO testsmtpdomain.com
250-mail.testsmtpdomain.com says hello
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250-8BITMIME
250-AUTH CRAM-MD5 PLAIN LOGIN
250-AUTH=CRAM-MD5 PLAIN LOGIN
250-XACK
250-SIZE 0
250-VERP
250 DSN
AUTH LOGIN
334 VXNlcm5hbWU6
dXNlcm5hbWU=
334 UGFzc3dvcmQ6
cGFzc3dvcmQ=
235 2.7.0 authentication succeeded

Install and Config Bulk/Mass Mail Server

Jack Huang System Admin 3 Comments

1. Prepare a VPS with Linux installed(recommend 64 bits CentOS 6.x)

2. You will need multiple domains if you’re going to use multiple IPs. You can also use multiple subdomains with multiple IPs.

3. Create DNS A record and rDNS for each domain/subdomain/IP. Setup MX, SPF and DKIM for the main domain.
Post: Config rDNS, MX,SPF,DKIM DNS record for Mail Server

4. Install and config PMTA (PowerMTA)

Post: Install and Config PowerMTA (PMTA)
Post: PowerMTA Multiple Virtual PMTA config file sample

5. Install and config phpList, Oempro or Interspire for the frontend management. This includes campaign management, statistics, schedule, user management, subscribe, unsubscribe and bounces management.

Post: Config Interspire to send bulk email from PowerMTA (PMTA)
Post: Config Oempro to send bulk email from PowerMTA (PMTA)
Post: Config PHPList to send bulk email from PowerMTA (PMTA)

6. Maintain the Bulk/Mass mailing system. This includes review logs, process bounces and adjust mailing policy.

Post: What is ROKSO, SBL, XBL, PBL or DBL?

Config rDNS, MX,SPF,DKIM DNS record for Mail Server

Jack Huang System Admin 6 Comments

1. MX record

A mail exchanger record (MX record) is a type of resource record in the Domain Name System that specifies a mail server. An MX record is the fully qualified domain name of a mail host and a preference value. The host name must map directly to one or more address record (A, or AAAA) in the DNS, and must not point to any CNAME records.

2. SPF

Sender Policy Framework (SPF) is a simple email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is being sent from a host authorized by that domain's administrators. The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged sender addresses, so publishing and checking SPF records can be considered anti-spam techniques.

3. DKIM

DomainKeys Identified Mail (DKIM) is an email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is authorized by that domain's administrators and that the email (including attachments) has not been modified during transport. A digital signature included with the message can be validated by the recipient using the signer's public key published in the DNS.

DKIM Validation Tools:

http://www.mail-tester.com/

http://www.brandonchecketts.com/emailtest.php

http://dkimcore.org/tools/

4. rDNS reverse DNS Resolution:

An e-mail Anti-spam technique is to check the domain names in the rDNS to see if they are likely from dialup users, dynamically assigned addresses, or other inexpensive Internet services. A recent shift has shown that spamming has switched to mainly coming from hosting companies making using rDNS even less useful. All of this adds to the argument that the few services that choose to block email servers purely on the basis of rDNS are simply discriminating without merit and often miss out more pro-active and useful indiscriminate anti spam measures.

 

What is ROKSO, SBL, XBL, PBL or DBL?

Jack Huang System Admin 1 Comment

ROKSO (Register of Known Spam Operations)

The Register of Known Spam Operations (ROKSO) database collates information and evidence on known persistent spam operations that have been terminated by a minimum of 3 Internet Service Providers for spam offenses.

SBL (Spamhaus Block List)

The Spamhaus Block List is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.

The SBL is queriable in realtime by mail systems thoughout the Internet, allowing mail server administrators to identify, tag or block incoming connections from IP addresses which Spamhaus deems to be involved in the sending, hosting or origination of Unsolicited Bulk Email (aka "Spam").

XBL (Exploits Block List)

The Spamhaus Exploits Block List is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with built-in spam engines, and other types of trojan-horse exploits.

PBL (Policy Block List)

The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use. The PBL helps networks enforce their Acceptable Use Policy for dynamic and non-MTA customer IP ranges.

DBL (Domain Block List)

The Spamhaus DBL is a realtime database of domains (typically web site domains) found in spam messages. Mail server software capable of scanning email message body contents for URIs can use the DBL to identify, classify or reject spam containing DBL-listed domains

List of website to check if your IP is in the blacklist or to remove your IP from the blacklist:
http://www.mxtoolbox.com/blacklists.aspx
http://www.spamhaus.org/lookup/
http://cbl.abuseat.org/lookup.cgi
http://rbls.org/