Solved

SMTP in Java

Posted on 2002-06-22
10
1,413 Views
Last Modified: 2007-11-27
I am creating a small program that I can use to send emails to people.  I have gotten the program to work perfectly when I use SMTP servers that dont require authentication.  My question is this:  How would I modify my code to work for a SMTP server that required authentication?

Code snippet:

Socket s = new Socket(smtp.getText(),25);
out = new PrintWriter(s.getOutputStream());
in = new BufferedReader(new InputStreamReader
    (s.getInputStream()));
               
send(null);
send("HELO " + InetAddress.getLocalHost().getHostName());
send("MAIL FROM: " + from.getText());
send("RCPT TO: " + to.getText());
send("DATA");
out.println("Subject: " + subject.getText());
out.println(_body.getText());
send(".");
s.close();

So what would I add to get this to work with Authentication?
0
Comment
Question by:lwinkenb
10 Comments
 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
I must say I've never tried an SMTP server requiring authentication, but why not try the same approach as POP and see what happens:
send("USER" + user.getText());
send("PASS" + pass.getText());
0
 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
You'll need to look at RFC 2554 for this:
http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc2554.html
0
 
LVL 5

Author Comment

by:lwinkenb
Comment Utility
I looked at the link, but it was pretty confusing to me.  This is what I tried:

C: HELO
C: EHLO
C: MAIL FROM: <address>
C: AUTH LOGIN
S: VXNlcm5hbWU6
C: <What in the heck do I put here?>
S: UGFzc3dvcmQ6
C: <I probably need to put something here>
S: 5.7.3 Authentication unsuccessful. (this is what I get)

What am I doing wrong?  The whole point of this is to be able to send messages to a domain outside my SMTP domain.  If I'm way off track with the above, please let me know :)
0
 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
This is new to me as well, but my reading from the example in the RFC of the first part of the exchange is as follows:

0: S: Server welcome
1. C: EHLO <your domain name>
2. S: Read server response. One of the lines should contain the authorisation methods it supports.
3. C: AUTH <your choice from the list of server-supported types of authentication>
4. S: 334 <base 64 encoded string>

It's ironic that base 64 is coming into this at all, but I'd love to know what sort of thing is contained in 4.
Give it a try and let me know, then perhaps we can work out the next bit :-)
0
 
LVL 5

Author Comment

by:lwinkenb
Comment Utility
Here we go:

S: 220 ubax.server.ubax.net Microsoft ESMTP MAIL Service, Version: 5.0.2195.4453 ready at  Sun, 23 Jun 2002 10:37:12 -0700

C: EHLO luke

S: 250-ubax.server.ubax.net Hello [192.168.1.8]
250-TURN
250-ATRN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK

C: AUTH LOGIN

S: 334 VXNlcm5hbWU6

C: (I dont know what to put here, but if I enter in anything, the server responds with...)

S: 334 UGFzc3dvcmQ6

C: (Again I dont know what to put in, so the server responds with...)

S: 535 5.7.3 Authentication unsuccessful.

If I try one of the other supported types of authentication, the server will respond with:
GSSAPI supported.
or
NTLM supported.

AUTH LOGIN is the only one that returns with an encoded string.

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
Oh dear - it's unfortunate it' Microsoft! I wouldn't be surprised if they merged this authenticating ESMTP with their own proprietary extensions. For instance - what's NTLM? I'll look at the next bit. What do the base 64 server strings say if you decode them?
0
 

Expert Comment

by:chintamanidhotre
Comment Utility
Why dont u use the Java Mail API.It is very easy to send mails using this API's.
0
 
LVL 86

Expert Comment

by:CEHJ
Comment Utility
I'm a bit busy at the moment, but the following should help:

My suspicions were correct - NTLM is proprietary although according to this doc it may be reasonably straightforward: http://www.innovation.ch/java/ntlm.html.
Note, however, that the doc is based on the result of reverse engineering.

As for GSSAPI, it looks like this is a wrapper arouind Kerberos: http://docs.sun.com/?q=GSSAPI&p=/doc/806-3814
0
 
LVL 9

Accepted Solution

by:
Venci75 earned 200 total points
Comment Utility
you can use base64 authentication:
Socket s = new Socket(smtp.getText(),25);
out = new PrintWriter(s.getOutputStream());
in = new BufferedReader(new InputStreamReader
   (s.getInputStream()));
             
send(null);
new sun.misc.BASE64Encoder enc = new new sun.misc.BASE64Encoder();
send("HELO " + InetAddress.getLocalHost().getHostName());
// S: 250 OK
send("AUTH LOGIN");
// 334 VXNlcm5hbWU6
send(enc.encode(username.getBytes()));
// 334 UGFzc3dvcmQ6
send(enc.encode(password.getBytes()));
// 235 LOGIN authentication successful
send("MAIL FROM: " + from.getText());
send("RCPT TO: " + to.getText());
send("DATA");
out.println("Subject: " + subject.getText());
out.println(_body.getText());
send(".");
s.close();

0
 
LVL 5

Author Comment

by:lwinkenb
Comment Utility
Exactly what I needed.  I just needed to convert the username/password to base64 before transmitting them.  

Thanks!
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

INTRODUCTION Working with files is a moderately common task in Java.  For most projects hard coding the file names, using parameters in configuration files, or using command-line arguments is sufficient.   However, when your application has vi…
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now