0

I am using Telnet on an Ubuntu 18.04 Server being accessed via SSH. I log into the email server being set up that uses PostFix and DoveCot, to test if the "phil@xxxxxxx.com" mail account is working.

This is the exchange:

root@xxxxxxx:/var/log# telnet xxxxxxx.com 110 
Trying 2600:3c01::f03c:92ff:fe93:5fa0... Connected to xxxxxxx.com. 
Escape character is '^]'. +OK     Dovecot (Ubuntu) ready.
USER phil +OK 
PASS fakepassword 
-ERR [AUTH] Authentication failed.

I'm not trying to solve the entire mystery here, but just wanted to check on whether this is a valid use of Telnet. A website about using Telnet states the following:

However, you should note that Telnet is not encrypted. Most public internet services, such as Google or Yahoo, require an encrypted connection—which isn't supported by Telnet.

Is this a situation were the lack of encryption might contribute to the authentication failure? I'm guessing not, since I'm not going through a browser. I just wanted to verify that if everything was set up right, this would be a valid way to test the email account.

Phil Freihofner
  • 7,645
  • 1
  • 20
  • 41

1 Answers1

1

Yes, you can use telnet for protocol exploration. POP3 in this case is text based and not wrapped in TLS, so it works out without any other advanced tools (eg openssl).

That said you will want to familiarize yourself with the POP3 AUTH exchange, which is probably not going to accept credentials in cleartext these days. (If this were 1999, different story.)

https://ietf.org/rfc/rfc1939.txt

You might consider using an actual email program (MUA in the parlance) to negotiate the connection, in tandem with a protocol sniffer like wireshark to see how the exchange works.

bishop
  • 37,830
  • 11
  • 104
  • 139
  • I don't know if I understand this answer. Let's assume I set up everything correctly with the mail server. Is the error that I'm getting when using Telnet to log in an expected response, due to POP3 AUTH exchange not accepting cleartext credentials? Are you saying I should go forward with the tutorial and configure a MUA, that it well might work? My tendency is to try and verify what I have works without getting to far ahead self. But maybe the Telnet test was not the way to do it. – Phil Freihofner Dec 07 '19 at 06:39
  • 1
    Your test has told you, so fsr that a) port 110 is open, b) it accepts connections from you, c) it answers as a POP3 Dovecot server would, and d) allows you to begin the protocol exchange. The next step is to converse with the server. Either a) go learn the protocol yourself and then use telnet to converse or b) "hire a translator" (the MUA) that already speaks POP to help you out. What is your goal? Are you wantung to deeply ubderstand POP, or just get your mail running? – bishop Dec 07 '19 at 13:22
  • That said, whether it is expected or not depends upon your setup. If you have required that passwords be sent using an encryption scheme (highly likely in default configuations) then this isn't so surprising. If you have configured cleartext passwords, perhaps the dattabase on the dovecot side isn't setup correctly. Check the dovecot config and logs. – bishop Dec 07 '19 at 13:25
  • And be patient, mail systems are finicky! People get paid very good money to do nothing but keeping email working. – bishop Dec 07 '19 at 13:26
  • I thought I had set things up to allow clear text. My takeaway then, is to look (yet again) at the text file (planning not to bother with database, only supporting one or two emails total, probably) and how it is being accessed. Seems like a reasonable thing to first get that working before adding the encryption step. Also--thanks for the encouraging words. This setup has been quite difficult. – Phil Freihofner Dec 07 '19 at 15:59