Actions: | Security

Navigation: Home | Services | Tools | Articles | Other

Testing an SMTP server with netcat

Occasionally someone will claim that some service for which I am responsible is faulty in some way. I want to be able to say "my tests suggest that everything is okay at the moment, what can you show me that suggests that it is misbehaving?".

The criterion for SMTP servers is: "Is this MTA accepting and transferring mail as it should?". So the strategy is to determine a list of origin/destination tuples for which the MTA should transfer messages and verify whether it does in fact accept them and then deliver them.

In choosing a test process for my MTA, I am guided by 2 factors:

  1. Ease/simplicity. The test should be as automated and simple as possible.
  2. Correctness. The test should accurately answer the question.

For maximum simplicity, I want to interface directly with the system in question, so ncat [1] is an excellent tool choice. Unlike a regular MUA, it allows me to use handcrafted SMTP and unlike telnet, it can be easily automated.

ncat <hostname> <port> < /path/to/protocol/text

So if I'm attempting to assess whether is accepting mail for, I can use the following command:

ncat -C 25 < to_www_allgoodbits_org.txt

where to_www_allgoodbits_org.txt looks like:

EHLO hostname
From: A tester <>
To:   <>
Date: date
Subject: A test message from hostname

Delete me, please

For more automation, run the test message through a perl script to substitute the placeholders. It might look like this:

#!/usr/bin/env perl
# call me

use strict;
use warnings;

use Sys::Hostname;

while (<>) {
      my $date = `date "+%a, %d %b %Y %H:%M:%S %z"`;
      $_ =~ s/date/$date/;
      my $hostname = hostname();
      $_ =~ s/hostname/$hostname/;
      print $_;

Use it like this:

perl < message_template.txt |  ncat -C 25


[1]ncat comes with the network exploration and security auditing tool, nmap, and is an improved version of netcat. If ncat is not available netcat might be available as /usr/bin/nc on many Linux and BSD systems or possibly found as /usr/bin/netcat.