Test your mail server
Basic Sending of Mail
As a first basic test, try to send mail using sendmail. You'll want to log in to the server using ssh. Then on the server, create the file ~/samplemail:
$ sendmail -v -F fromname -f from@example.com to@example.com From: from@example.com To: to@example.com Subject: Alpha Bravo Date: Wed, 18 Sep 2024 16:26:35 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Charlie Delta Echo Foxtrot
Replace fromname with the name of the sender (your name), from@example.com
with the sender's address, and to@example.com with the email you want to send
to.
Press ctrl+d to end the letter.
You should see the following output:
<<< 220 example.com ESMTP OpenSMTPD >>> EHLO localhost <<< 250-example.com Hello localhost [local], pleased to meet you <<< 250-8BITMIME <<< 250-ENHANCEDSTATUSCODES <<< 250-SIZE 36700160 <<< 250-DSN <<< 250 HELP >>> MAIL FROM:<from@example.com> <<< 250 2.0.0 Ok >>> RCPT TO:<to@example.com> <<< 250 2.1.5 Destination address valid: Recipient ok >>> DATA <<< 354 Enter mail, end with "." on a line by itself >>> . <<< 250 2.0.0 379ec228 Message accepted for delivery >>> QUIT <<< 221 2.0.0 Bye
Sending with your mail client
You should also send email from a known, working email address to your new mail server. Afterwards, configure your e-mail client to see if you were able to receive the letter.
Sending with netcat
You can test to see if you can send a letter to your server using netcat:
$ nc example.com 25 220 example.com ESMTP OpenSMTPD
Next, we type HELO followed by our sending domain:
HELO example.com 250 example.com Hello example.com [38.81.163.143], pleased to meet you
Afterwards, we type our sending mail address:
MAIL FROM: <from@example.com> 250 2.0.0 Ok
And the destination mail address:
RCPT TO: <to@example.com> 250 2.1.5 Destination address valid: Recipient ok
Then we type DATA followed by our email:
DATA 354 Enter mail, end with "." on a line by itself From: from@example.com To: to@example.com Subject: Alpha Bravo Date: Wed, 18 Sep 2024 16:26:35 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Charlie Delta Echo Foxtrot
We then type . to end the email, then QUIT:
. 250 2.0.0 e57f9a36 Message accepted for delivery QUIT 221 2.0.0 Bye
Here's the complete process:
$ nc example.com 25 220 example.com ESMTP OpenSMTPD HELO example.com 250 example.com Hello example.com [38.81.163.143], pleased to meet you MAIL FROM: <from@example.com> 250 2.0.0 Ok RCPT TO: <to@example.com> 250 2.1.5 Destination address valid: Recipient ok DATA 354 Enter mail, end with "." on a line by itself From: from@example.com To: to@example.com Subject: Alpha Bravo Date: Wed, 18 Sep 2024 16:26:35 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Charlie Delta Echo Foxtrot . 250 2.0.0 e57f9a36 Message accepted for delivery QUIT 221 2.0.0 Bye
Open Mail Relay
Make sure your mail server is not an open relay!
$ nc example.com 25 220 example.com ESMTP OpenSMTPD HELO fakedomain.com 250 example.com Hello fakedomain.com [38.81.163.143], pleased to meet you MAIL FROM: <criminal@fakedomain.com> 250 2.0.0 Ok RCPT TO: <victim@otherplace.com> 550 Invalid recipient: <victim@otherplace.com>
In this example, you are pretending to send email from criminal@fakedomain.com to victim@otherplace.com using example.com as a relay.
You should get Invalid recipient or some similar rejection message.
If you do not, example.com is likely running an open mail relay.
Here's how it appears when the mail server is improperly configured:
$ nc example.com 25 220 example.com ESMTP OpenSMTPD HELO fakedomain.com 250 example.com Hello fakedomain.com [38.81.163.143], pleased to meet you MAIL FROM: <criminal@fakedomain.com> 250 2.0.0 Ok RCPT TO: <victim@otherplace.com> 250 2.1.5 Destination address valid: Recipient ok
Notice this time it says Recipient ok even though it comes from a spoofed sender to an external domain. This will allow anyone to use your server to spam another mail server with forged addresses. If you don't fix this, you will get blacklisted for spam!
Testing Deliverability
| URL | Description |
|---|---|
| https://dkimvalidator.com/ | Send a test email and see if DKIM/SPF validation passes |
| http://multirbl.valli.org | Send a test email and look for any red flags |
| https://dmarc.org/resources/deployment-tools/ | |
| https://toolbox.googleapps.com/apps/checkmx | |
| https://postmaster.google.com/u/0/managedomains | |
| https://www.mail-tester.com | |
| https://www.spamscore.net/ | |
| https://glockapps.com/ | |
| https://www.senderscore.org/ | |
| https://www.gmass.co/inbox | |
| autoreply@dmarctest.org | |
| check-auth@verifier.port25.com | |
| https://campaigncleaner.com/tools/mail-tester/ |
How to Fix
You will want to check your smtpd.conf ruleset to make sure you never allow any domain to send to any domain. You should only allow local hosts to send to external domains, and for any host to send to your domains.