SWAKS: the SMTP Swiss Army Knife

flash_m_laser_1200_900
SWAKS is a general purpose testing tool for SMTP. For basic SMTP testing it’s a more convenient, scriptable alternative to running a transaction by hand, but it also lets you test things that are difficult to do manually, such as authentication or TLS encryption.
It’s a perl script that installs fairly easily on OS X or any Linux/unix system (and can be installed on Windows, if you have perl installed there).
It’s pretty well documented, but it can be a bit overwhelming to start with. Here are some simple recipes:
Send a test email:

swaks -f you@example.net -t someone@example.com

Check to see if a recipient exists:

swaks -f you@example.net -t someone@example.com \
        --quit-after RCPT

Send via a particular server:

swaks -f you@example.net -t someone@example.com \
        --server mail.example.com

Test user authentication for a smarthost:

swaks -tls --server example.com -f you@example.com \
        -t someone@example.net  -ao --auth-user=you

Test to see if a server supports opportunistic TLS:

swaks -tls -s mail.example.com -f you@example.net \
        --ehlo your.host.name --quit-after FROM

(The backslashes are just there to split a single command line into two, so you can read it easily on this narrow blog).
SWAKS has a lot of other tricks too – adding headers, using specific protocols and ports, attaching content. It’s a very useful tool, and gets even more so when you add a little bit of shell scripting to automate your testing further.

M3AAWG Boston
Bounces at Verizon

Related Posts

8 things that make your mail look like spam

In the comments of last week’s Wednesday question John B. asked

Read More

Does email have a guarantee of delivery?

A client asked me earlier this week what SLAs ISPs provided for email delivery. The short answer is that there isn’t a SLA and that the only guarantee is that the email will get there when it gets there.
But as I was mentioning this to Steve, he pointed out that there was a recent change in the RFCs for email. In both RFC 821/2 and RFC 2821/2 (the original email related RFCs and the update in the early 2000’s) the RFCs stated that once a receiving MTA accepted an email that that MTA was required to either delivery the mail or generate an asynchronous bounce. While this isn’t a standard SLA, it does mean that a 2xy response after DATA meant the email would either be delivered to the user or be sent back to the sender. Despite the RFC requirements some receivers would still drop mail on the floor for various reasons, sometimes intentionally and sometimes not.
RFC 5321/2, the current SMTP standard, still says that once a server accepts the mail it must not lose that mail ‘for frivolous reasons.’ The RFC goes on to admit, though, that in recent years, SMTP servers are under a range of attacks and dropping mail on the floor is not frivolous in those cases.
 

Read More

New Delivery tools

A couple nifty new delivery tools were published over the weekend.
Mickey published Bounce P.I. where senders can paste in an error message or bounce and it will tell you what filter generated it. If the rejection is unrecognized, it will flag the message internally and it will be researched to see if the filter can be identified.
Steve has a new tool at the DKIMCore site. The key generating tool and the record checking tool have been up for a while. This weekend, though, he published a tool to check the validity the DKIM record published in DNS. Tool output shows if the record is valid, the version and the public key.

Read More