"The mind of a Mad Tech!"

Here is a simple and quick way to test a SMTP mail relay service.

Use the telnet program in unix or windows to connect to port 25(SMTP) on your
SMTP server.  Note that windows telnet from the command line will not echo what
you type so it is not recommended.

  telnet mail.yourdomain.com 25

You will be prompted with a SMTP server response something like this..

  Trying 64.26.21.198...
  Connected to mail.yourdomain.com.
  Escape character is '^]'.
  220 mail.yourdomain.com ESMTP Sendmail 8.9.3/8.9.3; Tue, 27 Aug 2002 16:20:32 -0500

Next you identify yourself with the ehlo "hello" command..

  ehlo myhost.mydomain.com

You should see a response like this..

  250-mail.yourdomain.com myhost.mydomain.com [203.32.9.6] pleased to meet you
  250-8BITMIME
  250-SIZE 10000000
  250-DSN
  250-ONEX
  250-ETRN
  250-XUSR
  250 HELP

Now start creating the mail message by entering the from address..  

  mail from: [email protected]

You will recieve a response like this..

  250 [email protected].. Sender ok

Now define the recipient's address..

  rcpt to: [email protected]
If the mail server allows relay for the user you specified, you will recieve
a resonse like this..

  250 [email protected].. Recipient ok

If the mail server does not allow relaying for the user specified, you will
an error like this..

  550 [email protected].. Relaying denied
This is a good way to test a mail server for the open relay vulnerability. If
the mail server allows relay for all email addresses and is publicly
accessable it may be used by spammers to send unsolicited mail.

Now we start the data part of the message, type...

  data

Next you need to construct the body of the message and optionaly nice looking
mail headers.  First the optional headers.  You can skip this step and still
send mail. When you are finished with the body of the message, type a single
"." on an otherwise empty line.  This will signal the end of the message.

  To: John Thomas <[email protected]>
  From: Jane Smith <[email protected]>
  Subject: Testing SMTP Mail Relay
  Dear John

  This is the body of the message.

  .

Now you will see a response like this..

  250 QAA07271 Message accepted for delivery
Finally, disconnect from the mail server by typing..

  quit

You will see..

  221 mail.yourdomain.com closing connection
  Connection closed by foreign host.
Optionaly you can continue to compose more messages.

Here is an end to end example...

user@host ~$ telnet 192.168.99.99 25
Trying 192.168.99.99...
Connected to mx.someotherplace.com (192.168.99.99).
Escape character is '^]'.
220 mx.someotherplace.com ESMTP CSEEMail (2.0)
ehlo myhost.org
250-mx.someotherplace.com
250-PIPELINING
250-SIZE 28672000
250-VRFY
250-ETRN
250 8BITMIME
mail from: [email protected]
250 Ok
rcpt to: [email protected]
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: Howdy from me
here is the end to end test
.
250 Ok: queued as D3A30D80E1
quit
221 Bye
Connection closed by foreign host.
user@host ~$

Tags: mta, Qmail, relay, sendmail

By default, the maximum number of concurrent connections from one ip in Qmail (plesk) is set to 4. Anymore than that and it will start to fail or reject the connections. Normally this isn’t an issue, but if you use an email client that tries to establish more than 4 connections at once, you will run into an issue.

To bypass this, you can edit the following files and change the MAXPERIP value to a different number. Remember, however the path’s may be different depending on your OS, so if it’s not the same as the path’s I list, you will need to locate/find or Grep for them. The path’s and files are;

/etc/courier-imap/imapd

/etc/courier-imap/pop3d

(another path is also /usr/lib/courier-imap/etc/imapd and /usr/lib/courier-imap/etc/pop3d)

Once you’ve made the edits, you will need to restart the mail service;

/etc/init.d/courier-imap stop and /etc/init.d/courier-imap start

=)

Tags: MAXPERIP, Plesk, Qmail

If you happen to notice that your server (dedicated or vps) is running at 100% cpu usage or close to it, and you notice the following that qmail is using all of your cpu usage;

---

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
28141 qmaild 25 0 4600 1376 1168 R 27 0.1 0:28.09 qmail-smtpd
27851 qmaild 25 0 4708 1372 1168 R 26 0.1 1:23.48 qmail-smtpd
28268 qmaild 25 0 3948 1372 1168 R 24 0.1 0:05.79 qmail-smtpd
27507 qmaild 25 0 4468 1372 1168 R 23 0.1 1:56.58 qmail-smtpd
28244 qmaild 25 0 4520 1372 1168 R 20 0.1 0:06.82 qmail-smtpd
28045 qmaild 25 0 3820 1376 1168 R 20 0.1 0:48.50 qmail-smtpd
28117 qmaild 25 0 3724 1372 1168 R 20 0.1 0:33.20 qmail-smtpd
28118 qmaild 25 0 4452 1372 1168 R 20 0.1 0:33.59 qmail-smtpd
28163 qmaild 25 0 5200 1380 1168 R 20 0.1 0:25.30 qmail-smtpd

You can check on the /var/qmail/control directory for 2 files;

dh512.pem
dh1024.pem
If you don’t see them or with another naming (dhparam512 and dhparam1024), rename them accordingly.

After that, you will need to restart qmail and xinetd;

# service qmail restart

# service xinetd restart

Without dh512.pem and dh1024.pem, qmail has to create certificate and key pairs when other mail servers or mail users connect to qmail via TLS. If qmail is forced to create them on the fly, you will see a huge performance hit, and your load will be higher than it normally should be. By copying the dhparam files over, you will pre-populate the SSL key and certificate for qmail to use, and all it has to do is pick it up off the file system rather than regenerating it each time, thus saving your cpu usage from maxing out. Usually it will drop your cpu usage.

Tags: Plesk, Qmail