Export (0) Print
Expand All

Use Telnet to test SMTP communication on Exchange servers


Applies to: Exchange Server 2016

Topic Last Modified: 2016-03-28

Learn how to use Telnet to test SMTP connectivity and mail flow on Exchange servers.

You can use Telnet to test Simple Mail Transfer Protocol (SMTP) communication between messaging servers. By default, SMTP listens on port 25. If you use Telnet on port 25, you can enter the same SMTP commands that are used to connect and send a message as if your Telnet session were an SMTP messaging server. You can see the success or failure of each step in the connection and message submission process.

You can use Telnet to test SMTP communication to:

  • Test mail flow from the Internet into your Exchange organization.

  • Test mail flow from your Exchange to the Internet.

  • Estimated time to complete: 15 minutes

  • Exchange permissions don't apply to the procedures in this topic. These procedures are performed in the operating system of the Exchange server or a client computer.

  • This topic shows you how to use Telnet Client, which is a component that's included with virtually any version of Microsoft Windows. Third-party Telnet clients might require syntax that's different from what's shown in this topic.

  • You use the procedures in this topic to connect to Internet-facing servers that allow anonymous connections. The Frontend Transport service on Mailbox servers accepts anonymous connections on port 25 on the Receive connector named Default Frontend <ServerName>. The Transport service on Edge Transport servers accepts anonymous connections on port 25 on the Receive connector named Default internal receive connector <ServerName>. In contrast, the Transport service on Mailbox servers isn't suitable for the procedures in this topic. The Transport service accepts only authenticated and encrypted connections on port 2525 on the Receive connector named Default <ServerName>. To test mail flow to the Transport service using the procedures in this topic, you need to create a new Receive connector that has insecure settings that aren't recommended (allow anonymous and unencrypted connections).

  • If you connect to a remote messaging server, consider performing the procedures in this topic on your Internet-facing Exchange server. This will help you satisfy the antispam features that are likely used by the remote messaging server to test incoming connections. Most messaging servers are configured to validate the source IP address, the corresponding domain name, and the reverse lookup IP address of any Internet host that tries to send messages.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.

By default, the Telnet Client isn't installed in most client or server versions of the Microsoft Windows operating systems. To install it, see Install Telnet Client.

To connect to an SMTP server by using Telnet on port 25, you need to use the fully-qualified domain name (FQDN) (for example, or the IP address of the SMTP server. If you don't know the FQDN or IP address, you can use the Nslookup command-line tool to find the MX record for the destination domain.

Firewall or Internet proxy restrictions on your organization's internal network might prevent you from using the Nslookup tool to query public DNS servers on the Internet. As an alternative, you can use one of the freely-available DNS lookup or MX record lookup websites on the Internet.
  1. At a command prompt, type nslookup, and then press Enter. This command opens the Nslookup session.

  2. Type set type=mx, and then press Enter.

  3. Type set timeout=20, and then press Enter. By default, Windows DNS servers have a 15-second recursive DNS query time-out limit.

  4. Type the name of the domain for which you want to find the MX record. For example, to find the MX record for the domain, type, and then press Enter.

    The trailing period ( . ) indicates an FQDN. When you use the trailing period, you prevent any default DNS suffixes from being unintentionally added to the domain name.

    The output of the command looks like this: mx preference=10, mail exchanger = mx preference=20, mail exchanger = internet address =
    mail2 internet address =

    You can use any of the host names or IP addresses that are associated with the MX records as the destination SMTP server. A lower value for preference (preference = 10 vs. 20) indicates a preferred SMTP server. Multiple MX records and different values of preference are used for load balancing and fault tolerance.

  5. When you're ready to end the Nslookup session, type exit, and then press Enter.

In this example, the following values are used:

  • Destination SMTP server

  • Source domain

  • Sender's e-mail address

  • Recipient's e-mail address

  • Message subject   Test from Contoso

  • Message body   This is a test message

  • The commands in the Telnet Client aren't case-sensitive. The SMTP command verbs are capitalized for clarity.

  • You can't use the backspace key in the Telnet session after you connect to the destination SMTP server. If you make a mistake as you type an SMTP command, you need to press Enter, and then type the command again. Unrecognized SMTP commands or syntax errors result in an error message that looks like this:

    500 5.3.3 Unrecognized command

  1. Open a Command Prompt window, type telnet, and then press Enter.

    This command opens the Telnet session.

  2. Type set localecho, and then press Enter.

    This optional command lets you view the characters as you type them, and it might be required for some SMTP servers.

  3. Type set logfile <filename>, and then press Enter.

    This optional command enables logging and specifies the log file for the Telnet session. If you only specify a file name, the log file is located in the current folder. If you specify a path and file name, the path needs to be on the local computer, and you might need to enter the path and file name in the Windows DOS 8.3 format (short name with no spaces). The path needs to exist, but the log file is created automatically.

  4. Type OPEN 25, and then press Enter.

  5. Type EHLO, and then press Enter.

  6. Type MAIL, and then press Enter.

  7. Type RCPT NOTIFY=success,failure, and then press Enter.

    The optional NOTIFY command specifies the particular delivery status notification (DSN) messages (also known as bounce messages, nondelivery reports, or NDRs) that the SMTP is required to provide. In this example, you're requesting a DSN message for successful or failed message delivery.

  8. Type DATA, and then press Enter.

    You should receive a response that looks like this:

    354 Start mail input; end with <CLRF>.<CLRF>

  9. Type Subject: Test from Contoso, and then press Enter.

  10. Press Enter again.

    RFC 2822 requires a blank line between the Subject: field and the message body.

  11. Type This is a test message, and then press Enter.

  12. Press Enter, type a period ( . ), and then press Enter.

    You should receive a response that looks like this:

    250 2.6.0 <GUID> Queued mail for delivery

  13. To disconnect from the SMTP server, type QUIT, and then press Enter.

    You should receive a response that looks like this:

    221 2.0.0 Service closing transmission channel

  14. To close the Telnet session, type quit, and then press Enter.

This section provides information about the success and failure responses to the commands that were used in the previous example.

The three-digit SMTP response codes that are defined in RFC 2821 are the same for all SMTP messaging servers, but the text descriptions in the responses might be slightly different.

Successful response   220 Microsoft ESMTP MAIL Service ready at <day-date-time>

Failure response   Connecting to not open connection to the host, on port 25: Connect failed

Possible reasons for failure

  • The destination SMTP service is unavailable.

  • Restrictions on the destination firewall.

  • Restrictions on the source firewall.

  • Incorrect FQDN or IP address for the destination SMTP server.

  • Incorrect port number.

Successful response   250 Hello [<sourceIPaddress>]

Failure response   501 5.5.4 Invalid domain name

Possible reasons for failure

  • Invalid characters in the domain name.

  • Connection restrictions on the destination SMTP server.

EHLO is the Extended Simple Message Transfer Protocol (ESMTP) verb that's defined in RFC 2821. ESMTP servers can advertise their capabilities during the initial connection. These capabilities include the maximum accepted message size and supported authentication methods. HELO is the older SMTP verb that is defined in RFC 821. Most SMTP messaging servers support ESMTP and EHLO. If the non-Exchange server that you're trying to connect to doesn't support EHLO, you can use HELO instead.

Successful response   250 2.1.0 Sender OK

Failure response   550 5.1.7 Invalid address

Possible reasons for failure   A syntax error in the sender's e-mail address.

Failure response   530 5.7.1 Client was not authenticated

Possible reasons for failure   The destination server doesn't accept anonymous message submissions. You receive this error if you try to use Telnet to submit a message directly to a Mailbox server that doesn't have a Receive connector that's configured to accept anonymous connections.

Successful response   250 2.1.5 Recipient OK

Failure response   550 5.1.1 User unknown

Possible reasons for failure   The specified recipient doesn't exist.

© 2016 Microsoft