Testing network services from the command line
The best way to experiment, is to attempt to eliminate as many variables as possible, other than that which you intend to examine. So it is with network services. If we want to remove all the vagaries introduced by poor protocol implementation by clients (user agents) or network oddities, etc., then we are left the with the most simple test of he service in question.
"Connect as directly as possible using the simplest possible client"
The simplest way to test method most network services is sending text directly to the port on the server via telnet. If your server only permits TLS or OpenSSL encrypted communication, as one might argue it should, then the simplest is to use OpenSSL's s_client. This is true for SMTP, IMAP and HTTP services.
Here I am addressing manual testing for troubleshooting purposes, not automated testing, such as smoke tests, regression testing, continuous intergration, and the like.
Example SMTP session via telnet
telnet mail.allgoodbits.org 25 Trying 97.107.132.102... Connected to smtp.allgoodbits.com. Escape character is '^]'. 220 smtp.allgoodbits.com ESMTP Postfix ehlo client.allgoodbits.org 250-smtp.allgoodbits.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:<me@example.com> 250 2.1.0 Ok rcpt to:<testing@example.com> 450 4.2.0 <testing@example.com>: Recipient address rejected: Greylisted quit 221 2.0.0 Bye
Testing SMTP-AUTH via openssl s_client
First you need to have base64 encoded versions of your username and password:
perl -MMIME::Base64 -e 'print encode_base64("\000username\@domain\000password");'
Then use openssl to talk to the appropriate port on your SMTP server, probably 25 or 587:
openssl s_client -connect localhost:587 -starttls smtp <snip lots of TLS/SSL-related output> 250 DSN ehlo smtp.allgoodbits.com 250-smtp.allgoodbits.com 250-PIPELINING 250-SIZE 50000000 250-VRFY 250-ETRN 250-AUTH PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN <your base64 encoded username/password> 235 Authentication succeeded
Example IMAPS session via openssl s_client
IMAP requires numbered identifiers for each command.
Here's an example not-quite-minimal session:
openssl s_client -connect mail.allgoodbits.org:993 <snipped lots of output about setting up the SSL> * Ok Dovecot ready 01 login me@example.com mypassword 01 OK Logged in 02 select Inbox * FLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded nonjunk $notjunk junkrecorded Junk $MDNSent) * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft $Forwarded nonjunk $notjunk junkrecorded Junk $MDNSent)] Flags permitted. * 1 EXISTS * 0 RECENT * OK [UIDVALIDITY 1213909585] UIDs valid * OK [UIDNEXT 3353] Predicted next UID 02 OK [READ-WRITE] Select completed. 03 logout * BYE Logging out 03 OK Logout completed. closed
Example HTTP session via telnet
telnet www.allgoodbits.org 80 Trying 97.107.132.102... Connected to allgoodbits.org. Escape character is '^]'. GET / HTTP/1.1 Host: www.allgoodbits.org
The final blankline is required by the protocol. The first line of the response should be:
HTTP/1.1 200 OK