Querying SSL/TLS capabilities of SMTP servers

Thomas Shaddack shaddack at ns.arachne.cz
Thu Jul 8 16:46:26 PDT 2004


It fails on hotmail.com; my script has problems there as well (and with 
a couple of others; the cure seems to be adding delays between the lines sent 
to the server; it makes the program slow, but more reliable).

In my case I added "-i 3" to the netcat options. Isn't a panacea, but 
helped in most cases. In the rest, I have to resort to telnet.

Thanks a lot. Seems I have to learn perl. Looks powerful.


On Thu, 8 Jul 2004, Justin wrote:

> On 2004-07-08T17:50:57+0200, Thomas Shaddack wrote:
> > I cobbled up together a small bash shell script that does this. It lists 
> > the MX records for a domain, and then tries to connect to each of them, 
> > issue an EHLO command, disconnect, then list the output of the server, 
> ..
> 
> Or, in perl... though I wonder if there's a way to get capabilities with
> Net::SMTP.  Might make this cleaner.
> 
> 
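> #!/usr/bin/perl
> 
> use IO::Socket;
> use Net::DNS;
> 
> # For each domain given on the command line, probe every MX host.
> for ($i = 0; $i <= $#ARGV; $i++) {
>     my @mx = mx($ARGV[$i]);
>     foreach $record (@mx) {
>         my $hastls = 0;
>         my $mhost = IO::Socket::INET->new (
>             Proto => "tcp",
>             PeerAddr => $record->exchange,
>             PeerPort => "25",
>             Timeout => "10"
>         );
>         # Report unreachable hosts instead of printing to an undefined handle.
>         unless ($mhost) {
>             print "$ARGV[$i] " . $record->preference . " " . $record->exchange . " connect-failed\n";
>             next;
>         }
>         # Both commands are sent at once, without waiting for the server's greeting.
>         # SMTP command lines end in CRLF.
>         print $mhost "EHLO I-love-my-country.whitehouse.gov\r\n";
>         print $mhost "QUIT\r\n";
>         # Scan everything the server sends back for the STARTTLS keyword.
>         while (<$mhost>) {
>             if (/STARTTLS/) {
>                 $hastls = 1;
>                 last;
>             }
>         }
>         print "$ARGV[$i] " . $record->preference . " " . $record->exchange;
>         print $hastls ? " adv-tls\n" : " no-tls\n";
>         close $mhost;
>     }
> }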
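
An added example, not part of either post: a Python sketch of the same STARTTLS check that reads each server reply before sending the next command, rather than relying on fixed delays, and only counts STARTTLS when it appears as a keyword in the EHLO reply. The function names, the `client.example` EHLO name, and the sample transcript are assumptions constructed for illustration; the fake in-process server exists so the block runs offline.

```python
import socket
import threading

SAMPLE_GREETING = b"220 mx.example ESMTP\r\n"                          # constructed
SAMPLE_EHLO = b"250-mx.example\r\n250-SIZE 1000\r\n250 STARTTLS\r\n"   # constructed

def read_reply(rfile):
    """Read one SMTP reply, which may span several lines; return (code, texts)."""
    texts = []
    while True:
        raw = rfile.readline()
        if not raw:
            raise ConnectionError("connection closed mid-reply")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        if len(line) < 3 or not line[:3].isdigit():
            raise ValueError(f"malformed reply line: {line!r}")
        texts.append(line[4:])
        if line[3:4] != "-":          # "250-" continues, "250 " ends the reply
            return int(line[:3]), texts

def ehlo_keywords(sock, helo_name="client.example"):
    """Greeting, EHLO, QUIT in lock-step; return keywords after the first EHLO line."""
    with sock.makefile("rb") as rfile:
        code, _ = read_reply(rfile)   # wait for the 220 greeting before talking
        if code != 220:
            raise RuntimeError(f"unexpected greeting code {code}")
        sock.sendall(f"EHLO {helo_name}\r\n".encode("ascii"))
        code, texts = read_reply(rfile)
        sock.sendall(b"QUIT\r\n")
        if code != 250:
            return set()              # EHLO refused: no extensions learned
        return {t.split()[0].upper() for t in texts[1:] if t.strip()}

def check_constructed(greeting, ehlo_reply):
    """Run ehlo_keywords against an in-process fake server (constructed data)."""
    client, server = socket.socketpair()
    def serve():
        with server, server.makefile("rb") as f:
            server.sendall(greeting)
            f.readline()              # the client's EHLO
            server.sendall(ehlo_reply)
            f.readline()              # the client's QUIT
    t = threading.Thread(target=serve)
    t.start()
    try:
        return ehlo_keywords(client)
    finally:
        client.close()
        t.join()
```

Against a real MX, `ehlo_keywords` takes a connected TCP socket to port 25; `"STARTTLS" in ehlo_keywords(sock)` corresponds to the adv-tls / no-tls result above.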




