Test an IMAP connection with cURL

Today I needed to debug an IMAP problem. I got reports from a user (whose password I recently rotated) that Outlook wouldn’t connect, even though they had updated the password in Outlook’s settings. Checking things on the server I noticed that the connection to the server was made, but the login attempt always failed.

As I didn’t want to add the account to my local mail client I resorted to the almighty curl to test the new password. Below is how I did that.

🤬 To jump ahead: Eventually it turned out that the newly entered password in Outlook was correct but that Outlook basically ignores it when adjusting it from its settings window. The “correct” way to change a password in Outlook is to go to the Control Panel instead, and change it from there (in a window that is basically the same as Outlook’s). Makes sense … NOT!

~

Depending of whether you’re using a secured connection or not, use one of these:

After successfully logging in, you should see output similar to this:

Click to expand
*   Trying XXX.XXX.XXX.XXX...
* TCP_NODELAY set
* Connected to domain.tld (XXX.XXX.XXX.XXX) port 993 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
*  subject: OU=Domain Control Validated; OU=PositiveSSL; CN=domain.tld
*  start date: Sep  4 00:00:00 2019 GMT
*  expire date: Sep  3 23:59:59 2020 GMT
*  subjectAltName: host "domain.tld" matched cert's "domain.tld"
*  issuer: C=US; ST=TX; L=Houston; O=cPanel, Inc.; CN=cPanel, Inc. Certification Authority
*  SSL certificate verify ok.
< * OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
> A001 CAPABILITY
< * CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE LITERAL+ AUTH=PLAIN AUTH=LOGIN
< A001 OK Pre-login capabilities listed, post-login capabilities have more.
> A002 AUTHENTICATE PLAIN dXNlcm5hbWU6cGFzc3dvcmQ=
< * CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY NAMESPACE LITERAL+ NOTIFY SPECIAL-USE COMPRESS=DEFLATE QUOTA
< A002 OK Logged in
> A003 SELECT INBOX
< * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
< * OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
< * 3270 EXISTS
< * 0 RECENT
< * OK [UNSEEN 3256] First unseen.
< * OK [UIDVALIDITY 1325596071] UIDs valid
< * OK [UIDNEXT 67684] Predicted next UID
< * OK [HIGHESTMODSEQ 68768] Highest
< A003 OK [READ-WRITE] Select completed (0.074 + 0.000 + 0.073 secs).
> A004 SEARCH NEW
< * SEARCH
* SEARCH
< A004 OK Search completed (0.009 + 0.000 + 0.008 secs).
* Connection #0 to host domain.tld left intact
> A005 LOGOUT
< * BYE Logging out
< A005 OK Logout completed (0.001 + 0.000 secs).
* Closing connection 0

~

A note on usernames

If the username you are testing contains an @, you must use its urlencoded counterpart %40.

Alternatively you can also pass in the username:password combination separately using the -u flag

curl -v -u 'user:password' imaps://mailserver.tld/INBOX?NEW

~

Did this help you out? Like what you see?
Thank me with a coffee.

I don't do this for profit but a small one-time donation would surely put a smile on my face. Thanks!

☕️ Buy me a Coffee (€3)

To stay in the loop you can follow @bramus or follow @bramusblog on Twitter.

MoonMail – Send e-mail marketing campaigns using AWS, SES, and Lambda

Send email marketing campaigns with Amazon SES. Let Amazon Lambda compose email by email and literaly scale it to infinite.

With MoonMail you can: create & edit lists of recipients (email addresses) and store them within a DynamoDB. Create & edit html email marketing campaigns, send them and track their opens and clicks.

MoonMail →

(via cron.weekly)

Calling all digital nomads: Switch your mail (and other stuff) to Google Apps … yesterday!

As I’m quite a digital nomad myself I need to have access to my inbox and mail archive from any place (and with that, any system – be it my macbook, my pc, my gf’s pc, an internetcafé, etc.) at any time. Next to that issue I want to have lots of space (my mail archive already is a whopping 1.2 GiBi … after having cleaned it out!), good spam filters, one interface/app to rule them all (viz. one interface/app to manage my mail on ALL my mail addresses) and – most importantly – support for labels (aka tags).

Continue reading “Calling all digital nomads: Switch your mail (and other stuff) to Google Apps … yesterday!”