SSL handshake has read 177 bytes and written 325 bytesĮxpansion: NONE # openssl s_client -connect :25 -starttls smtp # openssl s_client -connect :25 -starttls smtpĭidn't found starttls in server response, try anyway.ġ39702030079656:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:774: Below you can see one example of a server that is not supporting TLS and another one that does. If you need to test TLS connections you can use the OpenSSL s_client tool for this. A few examples of what could be wrong is that the server is down, that it’s rate-limiting your connections, that it’s behind a closed off firewall or that there are routing issues. If you receive a SMTP banner similar to the one above you’re good to go, if you do not see any response from the server that can mean a lot of different things and troubleshooting this is beyond the scope of this article. To verify if it’s possible to connect to the SMTP server you can use for example telnet or netcat.
Bash test tls 1.2 how to#
Guide for e-mail service providers: How to choose the right MTA. # nslookup -type=mx example.localĮxample.local mail exchanger = 10 .Įxample.local mail exchanger = 10. There are several command-line tools that can be used for this but here I’m using nslookup as well as dig as examples. The first step is to find out which SMTP server(s) is responsible for the domain that you want to test, if you already know this you can skip this step. All of this and more can be done quickly using the command-line. In certain situations it can be very helpful to be able to quickly check if a SMTP server is online and reachable, has support for TLS and that it’s working, test user authentication and measure transaction delays and throughput.