TLS v1.1 is labeled insecure, TLS v1.2 is current, TLS v1.3 is about to become current.
the (e)mail system from 1972 (slightly modified) is still the #1 communication channel, if one believes one’s surveys.
The current approved version of TLS is version 1.3, which is specified in:
The current standard replaces these former versions, which are now considered obsolete:
- RFC 2246: “The TLS Protocol Version 1.0”.
- RFC 4346: “The Transport Layer Security (TLS) Protocol Version 1.1”.
- RFC 5246: “The Transport Layer Security (TLS) Protocol Version 1.2”.
telnet example
what command can be send to mail server via 143? (telnet connected)
telnet 123.123.123.123 143
A001 CAPABILITY
* CAPABILITY IMAP4 IMAP4rev1 STARTTLS UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION
A001 OK CAPABILITY
A006 LOGOUT
When connected to a mail server via Telnet on port 143, you’re likely using the IMAP (Internet Message Access Protocol). Here are the primary commands you can send to manage email over IMAP:
## IMAP Commands via Telnet on Port 143
| Command | Description |
| —————— | ——————————————————————- |
| `A001 LOGIN username password` | Authenticate with your username and password. |
| `A002 SELECT inbox` | Selects a mailbox (e.g., inbox) to perform actions on. |
| `A003 LIST “” “*”` | Lists all mailboxes (folders). |
| `A004 FETCH 1 ALL` | Fetches all data for message 1 in the selected mailbox. |
| `A005 SEARCH ALL` | Searches for all messages in the selected mailbox. |
| `A006 LOGOUT` | Logs out of the IMAP session. |
### Example Session
1. Connect Using Telnet:
``` telnet mail.example.com 143 ```
2. Login:
``` A001 LOGIN user@example.com password ```
3. Select a Mailbox:
``` A002 SELECT INBOX ```
4. Fetch a Message:
``` A004 FETCH 1 ALL ```
5. Logout:
``` A006 LOGOUT ```
These commands allow you to interact with the email server for retrieving and managing emails. Make sure to replace `username`, `password`, and mailbox names with actual values.
perl example:
# via perl perl -MMIME::Base64 -e 'print encode_base64("\000username\@domain.com\000password")' # via bash echo -ne '\0username@domain.com\0password' | base64
now let’s connect:
# start TSL connection openssl s_client -connect smtp.hostname-of-mail-server.com:25 -starttls smtp CONNECTED(00000003) ... No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 2476 bytes and written 335 bytes Verification error: self signed certificate --- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 4096 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: Session-ID-ctx: Master-Key: PSK identity: None PSK identity hint: None SRP username: None Start Time: 1567373167 Timeout : 7200 (sec) Verify return code: 18 (self signed certificate) Extended master secret: no --- 250 HELP EHLO there 250-hostname-of-mail-server.com Hello there [your.ip.123.123] 250-SIZE 52428800 250-8BITMIME 250-PIPELINING 250-AUTH PLAIN LOGIN 250-CHUNKING 250 HELP AUTH PLAIN 8903uldflkdz839ziufhdlhz3987r8zfidhfkjdhfkd== 334 235 Authentication succeeded mail from: username@domain.com 250 OK rcpt to: username@domain.com data subject: TestSubject 250 Accepted 354 Enter message, ending with "." on a line by itself
one can now enter a message like this:
Hello this is a telnet delivered test mail over a TSL encrypted connection - GoodDay Mate!
or test if spam and virus detectionis working:
===== SPAM-(SpamAssassin)Test: ===== To test the spam detection, we need to trigger an email that is detected as spam. This can be done by sending an email with the following in the mail content. (in upper case and with no white spaces and line breaks): XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X ===== VIRUS-(ClamAV)Test: ===== X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
to end it type a dot and hit enter:
. 50 OK id=1i3KPf-0002JW-0h quit 221 hostname-of-mail-server.com closing connection closed
Links:
https://en.wikipedia.org/wiki/Transport_Layer_Security
https://en.wikipedia.org/wiki/Comparison_of_TLS_Implementations
https://blog.tinned-software.net/setup-amavisd-new-with-spamassassin-and-clamav-with-postfix/
liked this article?
- only together we can create a truly free world
- plz support dwaves to keep it up & running!
- (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
- really really hate advertisement
- contribute: whenever a solution was found, blog about it for others to find!
- talk about, recommend & link to this blog and articles
- thanks to all who contribute!
