Deciphering smtp log data

Hi.

I have SMTP log strings that contain the 250 codes or the error codes. What is the best way to split them out to just get the actual error code and its description, or the OK? Is there some existing best practice?

What help do you expect to get without posting a part of your list?

Split the lines, do some regex if you don’t have csv.

1 Like

Hey Russ,

Parsing <> splitting, so let's post your SMTP log so we can help you, sir.

Thank you
Mike

These are two examples: one is valid, the other is a bad username/password.
These are just examples from Gmail; other servers respond with similar codes but not always in exactly the same way, it seems. I'm guessing that some sort of regex might be the answer?

Rebuilt URL to: smtp://smtp.googlemail.com/
Trying 64.233.167.16…
Connected to smtp.googlemail.com (6x.2xx.1xx.1x6) port 25 (#0)
220 smtp.googlemail.com ESMTP w128sm4017483wmb.19 - gsmtp
EHLO WSL-2019A
250-smtp.googlemail.com at your service, [8x.1x5.xx.14x]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
STARTTLS
220 2.0.0 Ready to start TLS
ALPN, offering http/1.1
Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
TLSv1.2 (OUT), TLS header, Certificate Status (22):
TLSv1.2 (OUT), TLS handshake, Client hello (1):
TLSv1.2 (IN), TLS handshake, Server hello (2):
TLSv1.2 (IN), TLS handshake, Certificate (11):
TLSv1.2 (IN), TLS handshake, Server key exchange (12):
TLSv1.2 (IN), TLS handshake, Server finished (14):
TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
TLSv1.2 (OUT), TLS change cipher, Client hello (1):
TLSv1.2 (OUT), TLS handshake, Finished (20):
TLSv1.2 (IN), TLS change cipher, Client hello (1):
TLSv1.2 (IN), TLS handshake, Finished (20):
SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
ALPN, server did not agree to a protocol
Server certificate:
 subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=smtp.googlemail.com
 start date: Jun 17 14:29:48 2020 GMT
 expire date: Sep 9 14:29:48 2020 GMT
 issuer: C=US; O=Google Trust Services; CN=GTS CA 1O1
 SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
EHLO WSL-2019A
250-smtp.googlemail.com at your service, [xx.1x5.1xx.147]
250-SIZE 35882577
250-8BITMIME
250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
AUTH LOGIN
334 VXNlcm5hbWU6aGVsZW5Ad2VzdHNj333vBXNobGFtYi5jby51aw==
334 UGFzc3dv456yQ2w0eXdzbDE=
535-5.7.8 Username and Password not accepted. Learn more at
535 5.7.8 https://support.google.com/mail/?p=BadCredentials w128sm4mjg483wmb.19 - gsmtp
Closing connection 0
TLSv1.2 (OUT), TLS alert, Client hello (1):

Rebuilt URL to: smtp://smtp.googlemail.com/
Trying xx.2xx.1x.1x…
TCP_NODELAY set
Connected to smtp.googlemail.com (xx.2x3.x6.xx) port 587 (#0)
220 smtp.googlemail.com ESMTP d7sm28392209wra.29 - gsmtp
EHLO WSL-2019A
250-smtp.googlemail.com at your service, [xx.1x.1x.xxx]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
STARTTLS
220 2.0.0 Ready to start TLS
Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
TLSv1.2 (OUT), TLS header, Certificate Status (22):
TLSv1.2 (OUT), TLS handshake, Client hello (1):
TLSv1.2 (IN), TLS handshake, Server hello (2):
TLSv1.2 (IN), TLS handshake, Certificate (11):
TLSv1.2 (IN), TLS handshake, Server key exchange (12):
TLSv1.2 (IN), TLS handshake, Server finished (14):
TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
TLSv1.2 (OUT), TLS change cipher, Client hello (1):
TLSv1.2 (OUT), TLS handshake, Finished (20):
TLSv1.2 (IN), TLS change cipher, Client hello (1):
TLSv1.2 (IN), TLS handshake, Finished (20):
SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
Server certificate:
 subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=smtp.googlemail.com
 start date: Jul 15 08:33:07 2020 GMT
 expire date: Oct 7 08:33:07 2020 GMT
 issuer: C=US; O=Google Trust Services; CN=GTS CA 1O1
 SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
EHLO WSL-2019A
250-smtp.googlemail.com at your service, [x9.x5.x9.x7]
250-SIZE 35882577
250-8BITMIME
250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
AUTH LOGIN
334 VXNlcm5hbWU6amVuB3ZXN0c2NvdHRc2hsYW1iLmND4vLnVr
334 UGFz345tyQ6V1NMSjNubiE=
235 2.7.0 Accepted
MAIL FROM:je@west2.co.uk
250 2.1.0 OK d7sm28392209wra.29 - gsmtp
RCPT TO:test@hotmail.co.uk
250 2.1.5 OK d7sm28392209wra.29 - gsmtp
DATA
354 Go ahead d7sm28392209wra.29 - gsmtp
250 2.0.0 OK 1597154705 d7sm28392209wra.29 - gsmtp
Connection #0 to host smtp.googlemail.com left intact

In terms of Gmail, try allowing “Less secure app access”.

https://support.google.com/accounts/answer/6010255

That doesn’t look very parsable (is this a word?).

Less secure apps is supposed to go away. Gmail now allows app-specific passwords.

I know about less secure apps. In one scenario, what happens is that the user hasn't set it. What I'm wondering is how to strip out the errors and just display that to the user rather than the whole thing.

Of course the error could be other things or it could be OK.

I could try testing for each error code but there are lots so I was hoping there might be a generally accepted way to do it already.

I looked at regex, but I can't see how to tell it to look for a number followed by an x.y.z, then return that, and then I don't know how to tell it to return the next sentence.

Also, this is Gmail. It's slightly different for Outlook, Exchange et al.

I think I'm missing something, though, because surely this must be done by other email clients?

What you have there is a transcript of the conversation between your client and the remote SMTP server. There is a specific call and response in the specs. Those should be separate lines, so the first thing I would do is use ReplaceLineEndings to normalize them to EndOfLine. It should look a lot more recognizable. Each line is going to begin with a specific command code or a response code. That’s what you’re looking for.

1 Like

The thing is, I can split the lines out and then search for the possible codes, but it involves lots of case statements and suchlike. I don't know which line it will be on, so I have to search them all.

I was hoping there was a way of finding the line with the error or the OK on it, and then I can just display that, but perhaps I'm just being lazy :joy:
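The approach described in the thread (normalize the line endings, then treat each line that starts with a three-digit code as a server reply and pull out the code, the x.y.z enhanced status code and the text) written out as an added example. This is not code from the thread and is Python rather than Xojo; the two transcripts embedded below are constructed for the example, modelled on the posted Gmail sessions but trimmed, with documentation-range IP addresses and made-up base64 in place of the real credentials. The regex follows RFC 5321 reply syntax (code, then "-" on continuation lines or a space on the last line) and RFC 3463/2034 enhanced status codes; the `outcome()` rule (first 4xx/5xx reply if any, otherwise the last reply) is an assumption about what the user should be shown, not anything the thread specifies.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# One SMTP reply line (RFC 5321 s.4.2): three-digit code, then "-" if more lines
# of the same reply follow or a space on the final line, then optionally an
# enhanced status code (RFC 3463 / RFC 2034, e.g. "5.7.8"), then free text.
REPLY_LINE = re.compile(
    r"^(?P<code>[2-5]\d\d)(?P<sep>[ -])"
    r"(?:(?P<esc>[245]\.\d{1,3}\.\d{1,3})(?:\s+|$))?"
    r"(?P<text>.*)$"
)


@dataclass
class Reply:
    code: int
    esc: Optional[str]                         # enhanced status code, if sent
    lines: List[str] = field(default_factory=list)

    @property
    def ok(self) -> bool:
        return self.code < 400                 # 2xx success, 3xx "go ahead"

    @property
    def transient(self) -> bool:
        return 400 <= self.code < 500          # 4xx: retry later; 5xx: permanent

    @property
    def text(self) -> str:
        return " ".join(self.lines)            # multi-line replies joined


def normalize_lines(transcript: str) -> List[str]:
    # Transcripts arrive with CRLF, LF or bare CR endings; split on any of them
    return [ln for ln in re.split(r"\r\n|\r|\n", transcript) if ln.strip()]


def parse_replies(transcript: str) -> List[Reply]:
    """Collect every server reply; client commands, TLS chatter and curl
    diagnostics never start with a three-digit code, so they are skipped."""
    replies: List[Reply] = []
    current: Optional[Reply] = None
    for line in normalize_lines(transcript):
        m = REPLY_LINE.match(line)
        if not m:
            continue
        code = int(m["code"])
        if current is None or current.code != code:
            current = Reply(code=code, esc=m["esc"])
            replies.append(current)
        elif m["esc"] and not current.esc:
            current.esc = m["esc"]
        current.lines.append(m["text"])
        if m["sep"] == " ":
            current = None                     # final line of this reply
    return replies


def outcome(transcript: str) -> Optional[Reply]:
    """The reply worth showing the user: the first failure (4xx/5xx) if the
    session hit one, otherwise the last reply of the session. (Assumed rule.)"""
    replies = parse_replies(transcript)
    for r in replies:
        if not r.ok:
            return r
    return replies[-1] if replies else None


def summary(transcript: str) -> str:
    r = outcome(transcript)
    if r is None:
        return "no SMTP reply found in transcript"
    kind = "OK" if r.ok else ("temporary failure" if r.transient else "permanent failure")
    esc = f" {r.esc}" if r.esc else ""
    return f"{kind} ({r.code}{esc}): {r.text}"


# Constructed transcripts (CRLF in one, LF in the other, to exercise normalization).
FAILED_LOGIN = "\r\n".join([
    "Rebuilt URL to: smtp://smtp.googlemail.com/",
    "Connected to smtp.googlemail.com (192.0.2.10) port 25 (#0)",
    "220 smtp.googlemail.com ESMTP w128sm4017483wmb.19 - gsmtp",
    "EHLO WSL-2019A",
    "250-smtp.googlemail.com at your service, [203.0.113.5]",
    "250-SIZE 35882577",
    "250-STARTTLS",
    "250 SMTPUTF8",
    "STARTTLS",
    "220 2.0.0 Ready to start TLS",
    "TLSv1.2 (OUT), TLS handshake, Client hello (1):",
    "SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.",
    "EHLO WSL-2019A",
    "250-smtp.googlemail.com at your service, [203.0.113.5]",
    "250-AUTH LOGIN PLAIN XOAUTH2",
    "250 SMTPUTF8",
    "AUTH LOGIN",
    "334 VXNlcm5hbWU6",                        # base64("Username:") challenge
    "dXNlckBleGFtcGxlLmNvbQ==",                # constructed: base64("user@example.com")
    "334 UGFzc3dvcmQ6",                        # base64("Password:") challenge
    "bm90LWEtcmVhbC1wYXNzd29yZA==",            # constructed: base64("not-a-real-password")
    "535-5.7.8 Username and Password not accepted. Learn more at",
    "535 5.7.8 https://support.google.com/mail/?p=BadCredentials w128sm4017483wmb.19 - gsmtp",
    "Closing connection 0",
])

SENT_OK = "\n".join([
    "Connected to smtp.googlemail.com (192.0.2.10) port 587 (#0)",
    "220 smtp.googlemail.com ESMTP d7sm28392209wra.29 - gsmtp",
    "EHLO WSL-2019A",
    "250-smtp.googlemail.com at your service, [203.0.113.5]",
    "250-AUTH LOGIN PLAIN XOAUTH2",
    "250 SMTPUTF8",
    "AUTH LOGIN",
    "334 VXNlcm5hbWU6",
    "dXNlckBleGFtcGxlLmNvbQ==",
    "334 UGFzc3dvcmQ6",
    "bm90LWEtcmVhbC1wYXNzd29yZA==",
    "235 2.7.0 Accepted",
    "MAIL FROM:<user@example.com>",
    "250 2.1.0 OK d7sm28392209wra.29 - gsmtp",
    "RCPT TO:<test@example.net>",
    "250 2.1.5 OK d7sm28392209wra.29 - gsmtp",
    "DATA",
    "354 Go ahead d7sm28392209wra.29 - gsmtp",
    "250 2.0.0 OK 1597154705 d7sm28392209wra.29 - gsmtp",
    "Connection #0 to host smtp.googlemail.com left intact",
])

if __name__ == "__main__":
    print(summary(FAILED_LOGIN))
    print(summary(SENT_OK))
```

Two things worth keeping in mind when showing users anything from such a transcript. The lines the client sends after each `334` challenge are the base64 of the username and password (the posted transcripts have them partially obfuscated for that reason), so the raw transcript should never be displayed or logged; this parser only surfaces server replies. And the parser deliberately ignores non-reply lines, which means it will not flag the `SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.` line in the posted transcripts: that is the client carrying on after a failed certificate check, and it deserves separate attention rather than being lost in the noise. Finally, 4xx replies are transient (the send can be retried later), while 5xx replies such as the 535 here are permanent until the user changes something.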