Using Telnet and PowerShell to Test SMTP Relay

PowerShell Method:

Example of Failure:

PS C:\> sendTestEmail 'someone@gmail.com' 'password' 'sendTo@gmail.com'
Detected MX Record : ywpjf4z5siycosmh7uqymtuygcjehuc67wa6o4rq4k2a3g2aodma.mx-verification.google.com
Known SMTP Server : smtp.gmail.com
Secure SMTP Parameters detected.
WARNING: Error: email has NOT been sent.
The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0
Authentication Required. Learn more at
False

Example of Success:

PS C:\> sendTestEmail 'someone@gmail.com' 'password' 'sendTo@gmail.com'
Detected MX Record : aspmx.l.google.com
Known SMTP Server : smtp.gmail.com
Secure SMTP Parameters detected.
Email has been sent to sendTo@gmail.com successfully
True

Example of Google Gmail disallowing Unsecured App:

The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0
Authentication Required.

Resolution for the Gmail Issue:

Enable less secure apps at: https://myaccount.google.com/lesssecureapps?pli=1

Note: This setting is hidden if the organization’s administrator has locked less secure app account access feature

# This version has been deprecated by https://kimconnect.com/powershell-script-to-send-emails

$emailFrom="test@kimconnect.net"
$emailTo="someuser@contoso.com"
$cc=$null
$emailPassword="PASSWORD"
$subject="Test Email to Validate SMTP"
$body="This is a test email.<br><br>Please disregard"
$port=587
$encryptedPass=ConvertTo-SecureString -String $emailPassword -AsPlainText -Force
$emailCred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $emailAccount,$encryptedPass

function sendTestEmail{
    [CmdletBinding()]
    param(
    [Parameter(Mandatory)]$emailFrom,
    [Parameter(Mandatory)]$emailPassword,
    [Parameter(Mandatory)]$emailTo,    
    [Parameter(Mandatory=$false)]$cc,
    [Parameter(Mandatory=$false)]$subject="Test Email to Validate SMTP",
    [Parameter(Mandatory=$false)]$body="This is a test email.<br><br>Please disregard",
    [Parameter(Mandatory=$false)]$smtpServer=$null,
    [Parameter(Mandatory=$false)]$port=587
    )

    $encryptedPass=ConvertTo-SecureString -String $emailPassword -AsPlainText -Force
    $emailCred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $emailFrom,$encryptedPass

    function getMxRecord($emailAddress){
        $regexDomain="\@(.*)$"
        $domain=.{[void]($emailAddress -match $regexDomain);$matches[1]}
        $mxDomain=.{$result=(resolve-dnsname $domain -type mx).NameExchange
                    if ($result.gettype() -eq [String]){return $result}else{return $result[0]}}
        $smtpServer= switch -Wildcard ($mxDomain){ # need to build up this list
                            "*outlook.com" {"smtp.office365.com";break}
                            "*google.com" {"smtp.gmail.com";break}
                            "*yahoodns.net" {'smtp.mail.yahoo.com';break}
                            "*inbox.com" {'my.inbox.com;break'}
                            "*mail.com" {'smtp.mail.com';break}
                            "*icloud.com" {'smtp.mail.me.com';break}
                            "*zoho.com" {'smtp.zoho.com';break}
                            default {$mxDomain}
                        }
        if($mxDomain){
            write-host "Detected MX Record`t: $mxDomain`r`nKnown SMTP Server`t: $smtpServer"
            return $smtpServer
            }
        else{
            write-warning "MX record not available for $emailAddress"
            return $null
            }
    }
    
    $detectedSmtpServer=getMxRecord $emailFrom
    $smtpServer=if($smtpServer -ne $null -and $smtpServer -eq $detectedSmtpServer){
                    $smtpServer
                }elseif($smtpServer -ne $null -and $smtpServer -ne $detectedSmtpServer){
                    write-warning "Detected SMTP server $detectedSmtpServer does not match provided value $smtpServer"
                    $detectedSmtpServer
                }else{
                    $detectedSmtpServer
                    }
    
    $secureSmtpParams = @{        
        From                       = $emailFrom
        To                         = $emailTo
        cc                         = if($cc){$cc}else{$emailFrom}
        Subject                    = $subject
        Body                       = $body
        BodyAsHtml                 = $true
        DeliveryNotificationOption = 'OnFailure','OnSuccess'
        SmtpServer                 = $smtpServer
        Port                       = $port
        UseSSL                     = $true
        Credential                 = $emailCred
    }

    $relaySmtpParams=@{
        From                       = $emailFrom
        To                         = $emailTo
        Subject                    = $subject
        Body                       = $body
        BodyAsHtml                 = $true
        DeliveryNotificationOption = 'OnFailure', 'OnSuccess'
        SmtpServer                 = $smtpServer
        Port                       = 25
    }

    if ($port -ne 25){
        write-host "Secure SMTP Parameters detected."
        $emailParams=$secureSmtpParams
        }else{
            write-host "Unsecured SMTP Parameters detected."
            $emailParams=$relaySmtpParams
            }

    try{
        Send-MailMessage @emailParams -ErrorAction Stop
        write-host "Email has been sent to $emailTo successfully"
        return $true;
        }
    catch{
        $errorMessage = $_.Exception.Message
        $failedItem = $_.Exception.ItemName
        write-warning "Error: email has NOT been sent.`r`n$errorMessage`r`n$failedItem"
        return $false
        }

}
Telnet (old-school) Method:

Step 1: Get the Relay FQDN or IP of the target domain

PS C:\Windows\system32> nslookup
Default Server: dc1.kimconnect.net
Address: 192.168.0.21

> set type=mx
> contoso.com
Server: dc1.kimconnect.net
Address: 192.168.0.21

Non-authoritative answer:
contoso.com MX preference = 10, mail exchanger = mx1-us2.contoso.com
contoso.com MX preference = 10, mail exchanger = mx2-us2.contoso.com

mx1-us2.contoso.com internet address = 1.1.1.1
mx1-us2.contoso.com internet address = 2.2.2.2
mx2-us2.contoso.com internet address = 3.3.3.3
mx2-us2.contoso.com internet address = 4.4.4.4
> exit

Step 2: Test SMTP relay using Telnet

SET localecho
OPEN mx1-us2.contoso.com 25
EHLO contoso.com
MAIL FROM:<testrelay@contoso.com>
RCPT TO:<testrelay@contoso.com>
DATA
Subject: Test SMTP Relay
Testing...
.
QUIT

Example of source IP being blocked:

EHLO yomama.com 421 4.3.2 No system resources. Please provide the following IP address when reporting problems: x.x.x.x

Leave a Reply

Your email address will not be published. Required fields are marked *