Testing SMTP server from a Kubernetes Cluster or a Container using telnet and openssl

Sometimes fault finding a SMTP server connection can be difficult, and it is critical in the setup of Utopia. Emails provide a way for Utopia to verify user registrations and activate accounts. If your initial inputs are not working, it can be difficult to get the correct error responses to try fault find these issues. In this tutorial we will look at how you can spin up a pod or container within your environment to test your login details using telnet and openssl.

We will assume you are using basic auth for your smtp server, in this scenario we will be using a sendgrid server as an example:

First Step is to create base 64 encoded versions of your user name and password, you can easily do this using a bash terminal:

Username example is apikey:

echo -n "apikey" | base64

response is now apikey in base64, save this for future use:

YXBpa2V5

Now we need to do that same with the password:

echo -n "SG.therestofyourpassword123445" | base64

now save your base64 password response:

U0cudGhlcmVzdG9meW91cnBhc3N3b3JkMTIzNDQ1

Second step is to fire up a container or pod which we can test with, we have created a test Image that contains telnet and openssl for you. If you are using docker you can create a container from this image:

registry.gitlab.com/utopia6705046/utopiasync/utopiasync-telnet:0-deploy-telnet-uat

If you are using Kubernetes, create a deployment using the yml below, please note that if your utopia instance was installed in a particular namespace you will need to update the default namespace to your created namespace.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: telnet-deployment
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: telnet
  template:
    metadata:
      labels:
        app: telnet
    spec:
      containers:
        - name: telnet-container
          image: registry.gitlab.com/utopia6705046/utopiasync/utopiasync-telnet:0-deploy-telnet-uat
      imagePullSecrets:
        - name: regcred

once you have loaded these, you will either have a container or a pod in your cluster loaded. We now need to log into these, in a container you can simply use docker to sign in, if you are using a kubernetes cluster you can follow login using kubectl:

First query the names of your pods (please change the namespace from default for all of these if applicable):

kubectl get pods -n default

find the telnet-deployment pod, you should see something like this eg:

NAME                                              READY   STATUS    RESTARTS        AGE
mongo-84cc474474-prmnv                            1/1     Running   0               4h15m
mysql-68d66fbf96-2zxkb                            1/1     Running   0               4h15m
redis-847b96869d-44n5n                            1/1     Running   0               4h15m
telnet-deployment-6b774858cd-6gst7                1/1     Running   0               4m7s
utopia-identity-577dc9c55-n2z4w                   1/1     Running   11 (4h5m ago)   4h15m
utopia-ingress-nginx-controller-7448ddf86-zxk56   1/1     Running   1 (4h9m ago)    4h15m
utopia-microservices-64c69b9d64-4llv7             1/1     Running   4 (4h5m ago)    4h15m
utopia-smtp-678f465d7d-vlll8                      1/1     Running   1 (4h9m ago)    4h15m
utopia-third-party-api-58d4cffbdd-fgdkp           1/1     Running   1 (4h9m ago)    4h15m
utopia-utopia-api-75c555df89-qx286                1/1     Running   1 (4h9m ago)    4h15m
utopia-utopia-ui-6c8cd47b6d-8qtfs                 1/1     Running   1 (4h9m ago)    4h15m

now you can copy the full telnet pod name and login

kubectl exec -it telnet-deployment-6b774858cd-6gst7 -n utopia -- /bin/sh

You should now see a terminal popup from inside the container/pod.

we can now try connect to the smtp server, if you are running no ssl or tls you can use telnet

telnet smtp.sendgrid.net 587

but in our case sendgrid requires tls so we need to login using openssl.

check if openssl is installed:

openssl version

expected response:

OpenSSL 1.1.1n  15 Mar 2022

If you do not get the accurate response, please install openssl using

apt-get update
apt-get install -y openssl

Once installed check the version and if all is ok then you can log into your SMTP server using the following:

openssl s_client -starttls smtp -crlf -connect smtp.sendgrid.net:587 -ign_eof -tls1_2

you can now Auth using your base 64 credentials:

AUTH LOGIN

you will first be prompted for you username: 334 VXNlcm5hbWU6

input your base 64 (remember to use your username the below is just an example)

YXBpa2V5

and then your password: 334 UGFzc3dvcmQ6

input your base64 password

U0cudGhlcmVzdG9meW91cnBhc3N3b3JkMTIzNDQ1

you are now logged in and should receive a message:

235 Authentication successful

we can now start the email sending process, first assign who you are emailing from address:

MAIL FROM:noreply@yourdomain.com

if successful: 250 Sender address accepted

then we assign your recipient address:

RCPT TO:me@yourdomain.com

if successful: 250 Recipient address accepted

We then tell the server we are going to input the email data:

DATA

expected response: 354 Continue

Then send your email body, you might need to include the from address:

From: noreply@moditar.com
Subject: Test Email

This is a test email sent via OpenSSL.

.

expected response: 250 Ok: queued as WbDoodK5S92faonWr4d3cg

you can now exit

QUIT

and we are complete, hopefully you recieve an email verifying your smtp login details and access from your cluster.

If this is not the case, hopefully at each point here you will be able to identify where the issue could be, is it on login, or authentication? maybe an incorrect from sender etc.

Use this process to help dial in your fault finding. As always, get in touch if you have problems.

Last updated