SMTP Troubleshooting Tips

Using Telnet, Nslookup, and Ping


Have you ever wondered how to test an SMTP server to ensure it was set up correctly? Have you ever had trouble with your network email being sent across your intranet or across the Internet? Let's begin with a typical scenario: the email client is installed correctly, but it reports the SMTP server as unavailable. By using telnet to connect to port 25, it is easy to see whether the SMTP server is actually running and configured to relay email correctly. It is an easy and effective way to test that SMTP is running and that email is getting through. Sure, an email client such as Netscape Messenger, Outlook Express or Eudora could be used, but what if the machine you are working on does not have an SMTP-capable client? In this article we'll use a fictitious company named Acme, Inc. to illustrate the steps that need to be taken in a real SMTP email problem situation.

SMTP stands for Simple Mail Transfer Protocol. It is the protocol used by the TCP/IP protocol suite to relay email throughout the Internet. The default SMTP TCP port is 25. If you would like more information on TCP/IP and how SMTP fits into it, see http://www.ietf.org . In this example we are going to be at the virtual company ACME, Inc.

The server that is being worked on is called reportsrv.acme.com. The technical specifications provided by the customer require the use of the SMTP server called mailsrv.acme.com for relaying email.

If you wanted to check whether mailsrv.acme.com had SMTP running, you would start by typing telnet mailsrv.acme.com 25 at the command prompt or the Unix prompt. The command opens a telnet session to the server mailsrv.acme.com and specifies that the connection be opened to port 25. If a connection is made and server information is displayed, then SMTP is available.

The previous steps illustrate only how to check if there is an SMTP server running on that server. To check if email is capable of being sent using the SMTP server on the server, follow these steps: (The steps assume you are trying to connect to mailsrv.acme.com)

(WHEN COMMUNICATING WITH SMTP, TYPE THE COMMANDS IN CAPITAL LETTERS. Some SMTP servers are very specific. Play it safe and use upper case!)

STEPS (<CR> denotes the use of the Enter key)

Step 1.

Type: telnet mailsrv.acme.com 25 <CR>
Opens telnet. If SMTP is running you will receive one of the following: release information, a version number, or just the word 'READY'.

Step 2.

Type: HELO <CR>
Initiates the conversation to mailsrv.acme.com and the response should be 250 OK.

Step 3.

Type: MAIL FROM: <efrain@ortizonline.com> <CR>
Identifies who is sending the message. This does not have to be a valid ID. The server response should be 250 OK.

Step 4.

Type: RCPT TO: <efrain@ortizonline.com> <CR>
Identifies to whom the message is sent. The server response should be 250 OK.

Step 5.

Type: DATA <CR>
Identifies the start point for message data. The server response should be some miscellaneous information, depending on the SMTP server software running on the server.

Step 6.

Type: "Testing the smtp server" <CR>
Once the test message is typed go to the next type command. The server response should be blank depending on SMTP server.

Step 7.

Type: . <CR>
Type a period and hit enter. The server response should be something to the effect of Mail accepted or Message sent.

Step 8.

Type: QUIT <CR>
The server response should be connection ended or session ended, depending on the telnet client.

Sample conversation with SMTP server:

HELO
MAIL FROM: <e@ortizonline.com>
RCPT TO: <e@ortizonline.com>
DATA
This is a test. This is to test that email works and will be sent back to a customer at acme corp.
<CR>
.
<CR>

Note: There is a carriage return after the period.
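The steps above describe the server's answers loosely; on the wire each answer starts with a three-digit reply code defined by RFC 5321. The following added example (not part of the original article) checks a saved session against the code each step should return and reports the first step that failed. The server lines are constructed samples, and the function names are this example's own.

```python
import re

# Reply code each step of the telnet procedure should produce (RFC 5321).
EXPECTED = [("connect", 220), ("HELO", 250), ("MAIL FROM", 250),
            ("RCPT TO", 250), ("DATA", 354), (".", 250), ("QUIT", 221)]
REPLY = re.compile(r"^(\d{3})(?:([ -])(.*))?$")

def parse_replies(lines):
    """Group server lines into (code, text); an 'NNN-' line continues a reply."""
    replies, text = [], []
    for line in lines:
        m = REPLY.match(line.rstrip("\r\n"))
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        text.append(m.group(3) or "")
        if m.group(2) != "-":            # anything but '-' ends the reply
            replies.append((int(m.group(1)), " ".join(text).strip()))
            text = []
    return replies

def first_failure(server_lines):
    """Return (step, code, text) for the first step that went wrong, else None."""
    replies = parse_replies(server_lines)
    for (step, want), (code, text) in zip(EXPECTED, replies):
        if code != want:
            return (step, code, text)
    if len(replies) < len(EXPECTED):     # server stopped answering mid-session
        return (EXPECTED[len(replies)][0], None, "no reply")
    return None

# Constructed server replies (not captured from a real host).
GOOD = [
    "220-mailsrv.acme.com ESMTP",
    "220 ready",
    "250 mailsrv.acme.com",
    "250 2.1.0 Sender OK",
    "250 2.1.5 Recipient OK",
    "354 End data with <CR><LF>.<CR><LF>",
    "250 2.0.0 Message accepted",
    "221 2.0.0 Bye",
]
RELAY_DENIED = GOOD[:4] + ["550 5.7.1 Relaying denied"]

if __name__ == "__main__":
    print(first_failure(GOOD))
    print(first_failure(RELAY_DENIED))
```

A 550 at the RCPT TO step, as in the second sample, means the server is running but refuses to relay for that recipient, which is a policy answer rather than an outage.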

If the email you sent using the previous steps doesn't reach its destination there may be a number of things wrong. The absolute first action to take is to verify that other people can send SMTP mail. If e-mail is being sent go on to the following steps.

1. Check that the SMTP server can send packets out to the destination domain. Using ping can help determine if the intended destination is available. Ping stands for Packet InterNet Groper. For example, ping the email server at finance.acme.com to see if it is reachable. Type ping finance.acme.com. If ping does work try telnet servername.finance.acme.com 25 to see if the finance department email server has email running.

(Some of you may be asking: if ping doesn't work, why try to connect anyway? The answer is that some departments or areas within a company can have firewalls set up to protect individual areas, such as Finance. If the firewall is blocking ICMP packets it is not necessarily blocking traffic to port 25 on a specific machine. Filters on firewalls are used to do just that within some security-conscious companies.)

If ping doesn't return a reply from the destination server and "telnet servername 25" doesn't work, then the server is off or not accessible to you for any number of reasons, firewall protection being one. At this point contact the network administrator in order to have a clear path allowed from your machine to the other. If the local SMTP server works, it doesn't mean the recipient's SMTP server works.

2. Check that the SMTP server allows email to the intended domain. If the email recipient is someone in another domain, such as user@finance.acme.com, finance.acme.com may be blocked. Some SMTP servers have rules set up to not allow email to certain domains. This is rare but possible. Consult the email administrator for rules on the company's SMTP server.

How do I find an SMTP server for a particular domain?

3. If you are wondering how to find the SMTP server that handles email for another domain, here are the instructions. In order to find out what server handles email for a particular domain, use the command nslookup. Nslookup stands for Name Server Lookup. After running nslookup, type 'set querytype=MX' at the > prompt; this tells nslookup to only return Mail eXchangers. This will return the name of the server that handles email for the domain you want. When finance.acme.com is typed at the > prompt, nslookup will respond with the names of the SMTP servers that handle mail for finance.acme.com. (See the following example.)

 

Sample use of nslookup from within the fictitious company ACME, Inc.
-------------------------------------------------------------------
Default Server: dns.acme.com
Address: 123.21.1.100

> set querytype=MX
> acme.com
Server: dns.acme.com
Address: 123.21.1.100

acme.com MX preference = 0, mail exchanger = mx1.mail.acme.com
acme.com MX preference = 1, mail exchanger = mx2.mail.acme.com
acme.com nameserver = ns1.acme.com
acme.com nameserver = ns2.dca.acme.com
acme.com nameserver = ns3.europe.acme.com
acme.com nameserver = ns5.dcx.acme.com
ns1.acme.com internet address = 205.172.20.30
ns2.dca.acme.com internet address = 206.134.201.43
ns3.europe.acme.com internet address = 190.66.50.50
ns5.dcx.acme.com internet address = 162.34.75.20

In the previous output from an nslookup query, the email server name is now known. The SMTP conversation to port 25 can be tested using mx1.mail.acme.com, since that is the primary SMTP Mail eXchanger, designated by MX preference = 0. If mx1.mail.acme.com doesn't work, try mx2.mail.acme.com.
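Picking the test order out of nslookup output can be scripted. The following added example (not part of the original article) extracts the mail exchangers and returns them lowest preference first. It goes beyond the sample above by also accepting the line format printed by the BIND nslookup on Unix, and by falling back to the domain itself when no MX record exists. The function name and sample strings are this example's own.

```python
import re

# Windows nslookup: "acme.com MX preference = 0, mail exchanger = mx1.mail.acme.com"
WIN = re.compile(r"MX preference\s*=\s*(\d+),\s*mail exchanger\s*=\s*(\S+)")
# BIND nslookup:    "acme.com  mail exchanger = 10 mx1.mail.acme.com."
BIND = re.compile(r"mail exchanger\s*=\s*(\d+)\s+(\S+)")

def probe_order(domain, nslookup_output):
    """Hosts to test on port 25, lowest MX preference first."""
    found = set()
    for line in nslookup_output.splitlines():
        m = WIN.search(line) or BIND.search(line)
        if m:
            # Normalise: drop the trailing root dot, compare case-insensitively.
            found.add((int(m.group(1)), m.group(2).rstrip(".").lower()))
    hosts = [host for _, host in sorted(found)]
    # With no MX record, SMTP falls back to the domain's own address record.
    return hosts or [domain]

# Constructed inputs: lines from the article's sample (reordered) and a
# BIND-style equivalent.
PAGE_SAMPLE = """\
acme.com MX preference = 1, mail exchanger = mx2.mail.acme.com
acme.com MX preference = 0, mail exchanger = mx1.mail.acme.com
acme.com nameserver = ns1.acme.com
ns1.acme.com internet address = 205.172.20.30
"""
BIND_SAMPLE = (
    "acme.com\tmail exchanger = 20 mx2.mail.acme.com.\n"
    "acme.com\tmail exchanger = 10 mx1.mail.acme.com.\n"
)

if __name__ == "__main__":
    print(probe_order("acme.com", PAGE_SAMPLE))
    print(probe_order("acme.com", BIND_SAMPLE))
```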

If all the previous steps are followed and email still doesn't work you may want to consult someone who knows the network you are working on more thoroughly.

Hopefully the examples provided will help you in troubleshooting SMTP.

By: Efrain Ortiz, Jr. MCP+I,MCSE
Email: number6 at ortizonline dot com


Acronym Review:

SMTP Simple Mail Transfer Protocol
PING Packet InterNet Groper

Comments? Questions? Rants? Raves? number6 at ortizonline dot com



 
