Solido Systems

The SMTP protocol (Simple Mail Transfer Protocol) is a text based protocol used to transport email between servers as well as between clients and servers. SMTP is a fairly old standard dating all the way back to 1982, in some ways it makes it a messy standard because we have had the need to patch it up with modern extensions several times since then, but it also makes it a very simple easy to understand protocol. This small SMTP tutorial will teach you how to communicate with SMTP servers by hand. It's not something you want to do daily, but it will give you the knowledge necessary to test an SMTP server by hand.

In theory, you can use any port for the SMTP protocol, but the standard port, and thus the one all public SMTP servers will listen to is 25. So to communicate with an SMTP service, we open a socket to it on port 25. Lets have a look at an example right now and then discuss the individual parts afterwards.

> telnet frontend01.mailsafe.dk 25
Trying 217.116.236.189...
Connected to frontend01a.mailsafe.dk.
Escape character is '^]'.

220 frontend01a.mailsafe.dk
HELO localhost
250 frontend01a.mailsafe.dk
MAIL FROM: <kjj@solidosystems.com>
250 OK
RCPT TO: <khl@solidosystems.com>
250 OK
DATA
354 Send the mail data, end with .
Subject: Hand written SMTP

Hi Kasper, Just testing an SMTP connection.
.
250 OK
QUIT
221

The first thing that happens once we connect, is that the server we have connected to greets us with 220 frontend01a.mailsafe.dk. The first part of the response is a number. 220 in this case, which simply means that it is ready to handle our connection. The second part is the name of the server. This is not strictly required by the standard, which means you can't rely on the data following the number to be in any kind of consistent format.

We respond to this with HELO localhost. HELO basically means hi, and localhost is our hostname. It is very important that you either use localhost for this or the correct hostname for your machine. If not, some servers will refuse any further communications from you. If the server accepts our greeting, it will respond with 250. You might have noticed that the server actually gave its full hostname after the numeric code. Most SMTP servers will do this, but there is no required format for the data given along with a response code, so you can't rely on it. The only thing that is clearly defined is the actual numeric code.

Once we have finished greeting each other, we can proceed with the actual mail sending part of the protocol. This is usually called the envelope. We initiate the sending of a new mail, by specifying that we have a new mail and who it is from, in the above example, we did that with MAIL FROM: <kjj@solidosystems.com>. Once again the server responds with 250 if it chooses to accept the from address.

If the server accepted our from address, we can start giving it recipient addresses. You can give several recipients in one go if you intend to send exactly the same email to all of them. You give each recipient by a separate line in the form of RCPT TO: <khl@solidosystems.com>. Once again, if the server accepts your recipient, it will respond with the code 250. If you try to give a recipient that is not local to the server you have connected to, it will typically reply with 550 No such user. An exception to this is if the server is a relay host which you have specifically been granted the right to relay through. In that case, it will most likely accept any valid email addresses. Finally, there is a possibility that you will get a 421 response. It used to be that those were given purely if the server was too busy or if the user had been temporarily suspended, but now it is far more often used for grey listing purposes. We will talk more about grey listing in a future post.

Once you have given the server your sender and the recipients for your email, its time to give it the actual data you intend to deliver. We do this by issuing the DATA command. If the server is ready to receive data, it will respond with 354. At this point, we are expected to start feeding the server with the actual content of our email, ending with a single "." and a line feed. If the server accepts the mail, it will respond with 250 and the email will be on its way to its recipient. After that, we can issue a QUIT command and close the connection.

Now for a final word about return codes. All return codes used in the SMTP protocol are 3 digit numbers. There is a meaning to each of the digits, but the primary thing you need to remember is the meaning of the first digit. 2 is for things that went well, 4 is for temporary errors and 5 is for permanent errors.

Thats it, the next time you have problems SMTP related problems you now know how to open a terminal and do a bit of testing by hand.