How to telnet to a POP server that requires SSL

If you are anything like me, then every now and then you want to access a mail (POP3) server directly to sort out a problem without having a "helpful" email client get in the way. In these cases connecting to port 110 with telnet is the way to go.

But what about when the mail server has been set up to not allow plain-text connections (i.e. an SSL connection must be used)?


While you could use telnet to connect directly to port 995, the thought of attempting SSL key exchange using only the keyboard fills me with all kinds of dread, not to mention the work involved in doing the on-the-fly encryption and decryption of the data stream. [shiver]. No, telnet is a non-starter here.

Turns out there is an easy way. One of openssl's more obscure options (well, it was obscure to me) comes to the rescue.

openssl s_client -connect <server_name>:995

Using the above command will get openssl to set up a secure, interactive SSL tunnel between your terminal and the server on port 995 (the port normally used for POP3+SSL).

Very useful.

Comments


It works with gmail but it doesn't work with hotmail at pop3.live.com:995

Any idea what is happening?

Thanks a lot.

pop3.live.com 995

Yeps, as far as I know that's caused because hotmail uses Windows servers (of course) and the return carriage acts differently than in *nix systems.

So you can try adding a parameter to force ssl to use the expected format.

openssl s_client -crlf -connect pop3.live.com:995

As is stated in openssl help:

-crlf - convert LF from terminal into CRLF

I tested it and it worked OK, so I hope it's useful for you.

Regards.


Ooops, I forgot to mention that if you use -crlf it still works for gmail too, so the safe option is to always use that parameter.

openssl s_client -connect pop.gmail.com:995 <--- Works OK
openssl s_client -crlf -connect pop.gmail.com:995 <--- Works OK
openssl s_client -connect pop3.live.com:995 <--- NOT WORKING!
openssl s_client -crlf -connect pop3.live.com:995 <--- Works OK

Thanks for the information.

Thank you for the information. It's really helpful for me though. Keep up the good work pal.


Depending on how the server is configured, you may need to use SSL or TLS before you are able to use the AUTH command. In fact, if you are able to use the AUTH command without using either SSL or TLS, you are in fact sending your userid and password over the internet in clear text. Anybody with a packet sniffer in the right spot will be able to read the base64-encoded string you send to authenticate, and it's really easy to decode that stuff - in fact the same command above will work if you change "encode_base64" to "decode_base64" (and put the encoded string between the double quotes, obviously.)


Thanks for this share. I will try and see how it works.


Superb!!! Thank you!
I was trying 2 hours all kind of tools before finding this solution :))

THANKS!

We were having trouble with a script reading yahoo mail (they only allow ssl) so I wanted to test it by hand like regular pop... this saved us like 2 hours I bet.... At least now we know we are really timing out and not having a problem with the script.

Off to check the firewall...

Thanks again.

VERY GOOD!!!

This is more than great to know.

Are there any commands to send a login password? The command "user" - like used over telnet - works fine, but no further way to list up the emails in the INBOX.

Any idea?

Greetings
SilentGreen


I think you need to go read up on the POP protocol, it is very easy to learn and can be used inside a telnet session.  Google for RFC 1939.

However, to answer your question, there are two POP commands that will let you authenticate and two commands that let you "list up" the mail in the mail box, they are:

  • PASS - use this after the USER command
  • APOP - which may be used instead of a USER/PASS combination as it lets you provide the username and an MD5 digest string of the password (and thus prevents the password being sent in the clear)
  • STAT - which will tell you how many messages there are in the mailbox and how many octets they are occupying
  • LIST - will return a list of each message (its number) and its size in octets

 

Once you know about what messages exist you can then RETR them.
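
What a passive observer recovers from each authentication form mentioned in the comments above (the base64 AUTH string, USER/PASS, and APOP), as an added Python example that is not part of the original post or its comments. The session lines and the "alice" credentials are constructed; the APOP timestamp, secret and digest are the sample values from RFC 1939, which defines the digest as MD5 over the server's greeting timestamp followed by the shared secret.

```python
import base64
import hashlib


def apop_digest(timestamp: str, secret: str) -> str:
    """RFC 1939 APOP: hex MD5 over the greeting timestamp (angle brackets
    included) immediately followed by the shared secret."""
    return hashlib.md5((timestamp + secret).encode()).hexdigest()


def observer_view(client_line: str) -> dict:
    """Return what one cleartext client line reveals to anyone on the path."""
    verb, _, arg = client_line.strip().partition(" ")
    verb = verb.upper()
    if verb == "USER":
        return {"user": arg}
    if verb == "PASS":
        return {"password": arg}
    if verb == "AUTH" and arg.upper().startswith("PLAIN "):
        # SASL PLAIN initial response: base64(authzid NUL authcid NUL password).
        # base64 is an encoding, not encryption, so decoding needs no key.
        blob = base64.b64decode(arg.split(" ", 1)[1])
        _authzid, user, password = blob.decode().split("\0")
        return {"user": user, "password": password}
    if verb == "APOP":
        # Only the digest crosses the wire; it is bound to this greeting's
        # timestamp but can still be guessed against offline.
        user, digest = arg.split(" ", 1)
        return {"user": user, "digest": digest}
    return {}


# Constructed client-side lines, as they would appear on port 110 without TLS.
PLAIN_B64 = base64.b64encode(b"\0alice\0correct-horse").decode()
SESSION = [
    "USER alice",
    "PASS correct-horse",
    f"AUTH PLAIN {PLAIN_B64}",
    "APOP mrose " + apop_digest("<1896.697170952@dbc.mtview.ca.us>", "tanstaaf"),
]

if __name__ == "__main__":
    for line in SESSION:
        print(f"{line!r:60} -> {observer_view(line)}")
```

Inside the tunnel that openssl s_client sets up, none of these lines are visible on the wire, which is why the port 995 connection matters even when APOP is available.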


Thanks a million!

Thanks!

This is GREAT to know!!!