Tag Archives: ssl

Debugging a (E)SMTP/S connection

“.. The first thing to test is a TLS (aka SSL) connection. The stunnel program has special code for this, the command “stunnel -n smtp -c -r mail.example.com:25” will connect to the server via SMTP and negotiate SSL.

If you use gnutls then the command “gnutls-cli -s mail.example.com -p 25” will connect to the server, allow you to establish the session (by typing “ehlo hostname” and then “starttls“) after which you can press ^D to enter TLS mode. This is a little more inconvenient.

Once one of these is done and you will receive a 220 message acknowledging the connection (which is the same as if you had just connected without TLS). If you want to test the TLS certificate then use the “-v” option to stunnel. Note that if the certificate is not verified successfully then stunnel will exit and log via syslog the reason why. While stunnel seems more convenient for actually using a protocol, the openssl utility is a much better program for actually testing out the SSL functionality. The command “openssl s_client -CApath /etc/ssl/certs/ -starttls smtp -connect mail.example.com:25” will dump a lot of diagnostic information about the SSL protocol. Note that the location of the SSL certificates varies by distribution, /etc/ssl/certs is the location used on Debian. ..”


How to Debug SMTP with TLS(SSL) and AUTH

Yes – I AM LAZY.

SPDY, good/bad/awesome/bullshit?

So, there’s this little project that aims to speed things up over SSL.

I tried it out, and so far I’d say the beta isn’t really doing the job that great.
If you wanna check it out for yourself, head over to Google’s developers page.

It runs with the following specs needed:

Apache 2.2 (≥2.2.4)
mod_ssl enabled

If you like most of the world are using PHP, you need to check out the PHP section in the link.