FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
yujames
Staff
Article Id 197589
Description
This article walks you through connecting to and testing communications with a mail gateway / mail server / SMTP server. This will help with notification troubleshooting.
You can use this article as a guideline to test the server connectivity.

NOTE: Port 25 is not secure. Your SMTP gateway may use another port and may also accept other input.
Below is an example of basic SMTP tests that can be performed from the command line.

Scope
FortiSIEM All Versions

Solution
1 - Shell into a FortiSIEM Node (Worker or Super)
2 - Run the following command:

telnet <mail server> 25        

At the prompt, you may begin your test against the SMTP gateway by manually typing out the data in each step:


NOTE: Throughout the entire mail message, you're looking for a 250 SMTP code to indicate acceptance and processing by the remote server.

Any errors here should be raised with the mail server administrator. They could indicate communication problems with the mail server.


3 - EHLO <host>

4 - MAIL FROM:<SENDERADDRESS>

5 - RCPT TO:<RECIPIENTADDRESS>

6 - DATA

7 - Subject: Test message

8 - (Blank line, press Enter again)

9 - This is a test.

10 - (Blank line, press Enter again)

11 - .


Mail Gateway Response code:

SMTP code .


Example of usage and response from remote server:


# telnet smtp.fortinet.com 25

Trying 208.91.113.81...

Connected to smtp.fortinet.com.

Escape character is '^]'.

220 smtp.fortinet.com ESMTP Smtpd; Mon, 9 Sep 2019 07:47:35 -0700

ehlo 0

250-smtp.fortinet.com Hello [96.45.34.13], pleased to meet you

250-ENHANCEDSTATUSCODES

250-PIPELINING

250-8BITMIME

250-SIZE 25067520

250-DSN

250-AUTH LOGIN PLAIN

250-STARTTLS

250-DELIVERBY

250 HELP

mail from:mrobles@fortinet.com

250 2.1.0 mrobles@fortinet.com... Sender ok

rcpt to: mrobles@fortinet.com

250 2.1.5 mrobles@fortinet.com... Recipient ok

data

354 Enter mail, end with "." on a line by itself

subject: test

 

this is a test.

.

250 2.0.0 x89ElZ4l028119-x89ElZ4m028119 Message accepted for delivery




SMTP response codes and their definitions:

220 - SMTP Service ready.

221 - Service closing.

250 - Requested action taken and completed.

251 - The recipient is not local to the server, but the server will accept and forward the message.

252 - The recipient cannot be verified, but the server accepts the message and attempts delivery.

354 - Start message input and end with a "." on a line by itself. This indicates that the server is ready to accept the message itself (after you have told it who it is from and where you want it to go).

421 - The service is not available and the connection will be closed.

450 - The requested command failed because the user's mailbox was unavailable (for example because it was locked). Try again later.

451 - The command has been aborted due to a server error. Not your fault. Maybe let the admin know.

452 - The command has been aborted because the server has insufficient system storage.

500 - The server could not recognize the command due to a syntax error.

501 - A syntax error was encountered in command arguments.

502 - This command is not implemented.

503 - The server has encountered a bad sequence of commands.

504 - A command parameter is not implemented.

521 - This host never accepts mail; a response by a dummy server.

541 - The message could not be delivered for policy reasons—typically a spam filter. (Only some SMTP servers return this error code.)

550 - The requested command failed because the user's mailbox was unavailable (for example because it was not found, or because the command was rejected for policy reasons).

551 - The recipient is not local to the server. The server then gives a forward address to try.

552 - The action was aborted due to exceeded storage allocation.

553 - The command was aborted because the mailbox name is invalid.

554 - The transaction failed. Blame it on the weather.

555 - The server does not recognize the email address format, and delivery is not possible.

556 - The message would have to be forwarded, but the receiving server will reject it.
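
The check described above (look for 250 at each step, treat 4xx/5xx as errors) can be run over a saved session. This is an added example, not part of the original article or FortiSIEM: the function names and the sample session are constructed, and it assumes the session was plaintext, as with telnet on port 25. It also reports whether STARTTLS is offered and whether AUTH PLAIN/LOGIN is advertised on the unencrypted connection.

```python
import re

# Constructed sample: a saved plaintext session, typed commands included.
SAMPLE = """\
220 mail.example.com ESMTP ready
ehlo siem-node
250-mail.example.com Hello [192.0.2.10], pleased to meet you
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP
mail from:<siem@example.com>
250 2.1.0 <siem@example.com>... Sender ok
rcpt to:<soc@example.com>
250 2.1.5 <soc@example.com>... Recipient ok
data
354 Enter mail, end with "." on a line by itself
subject: test
.
250 2.0.0 Message accepted for delivery
"""
REPLY = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_replies(transcript):
    """Group lines into (code, [text, ...]); 'NNN-' continues a reply, 'NNN ' ends it."""
    replies, current = [], None
    for line in transcript.splitlines():
        m = REPLY.match(line.strip())
        if not m:
            continue  # typed commands, telnet banner lines, blank lines
        code = int(m.group(1))
        if current is None or current[0] != code:
            current = (code, [])
        current[1].append(m.group(3))
        if m.group(2) == " ":
            replies.append(current)
            current = None
    return replies

def assess(transcript):
    replies = parse_replies(transcript)
    codes = [c for c, _ in replies]
    # The first multi-line 250 reply is the EHLO capability list.
    ehlo = next((t[1:] for c, t in replies if c == 250 and len(t) > 1), [])
    caps = {l.split()[0].upper(): l.upper().split()[1:] for l in ehlo if l.strip()}
    return {
        "accepted": 354 in codes and 250 in codes[codes.index(354) + 1:],
        "failures": [(c, "transient" if c < 500 else "permanent", t[-1])
                     for c, t in replies if c >= 400],
        "starttls_offered": "STARTTLS" in caps,
        "cleartext_auth": [m for m in caps.get("AUTH", []) if m in ("PLAIN", "LOGIN")],
    }
```

A non-empty cleartext_auth together with starttls_offered means the notification sender should be configured to use TLS before authenticating, since PLAIN and LOGIN only base64-encode the credentials.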


