SMTP capabilities query

Purpose

Querying the capabilities of SMTP servers, specifically intended for discovery of STARTTLS support.

Mechanism of work

Program uses dnsmx to obtain a list of mail relays and then netcat to send the EHLO query to each of them.

Usage

queryehlo <domain>

Written to work in Linux. Can be easily ported to anything that can run bash, netcat, and dnsmx or equivalent utility.

Examples:

queryehlo safe-mail.net

Mail relays for safe-mail.net:
10 kumquat.safe-mail.net
20 mail.safe-mail.net

Querying mail relay kumquat.safe-mail.net, 212.199.206.69
kumquat.safe-mail.net [212.199.206.69] 25 (smtp) open
*** RELAY ADVERTISES SMTP/TLS SUPPORT

220 Welcome to SAFe-mail ESMTP server
250-kumquat.safe-mail.net Hello xxx.xxx.cz [x.x.x.x]
250-SIZE 52428800
250-PIPELINING
250-STARTTLS
250 HELP
221 kumquat.safe-mail.net closing connection


Querying mail relay mail.safe-mail.net, 212.68.149.115
DNS fwd/rev mismatch: mail.safe-mail.net != tapuz.safe-mail.net
mail.safe-mail.net [212.68.149.115] 25 (smtp) open
*** RELAY ADVERTISES SMTP/TLS SUPPORT

220 Welcome to SAFe-mail ESMTP server
250-tapuz.safe-mail.net Hello xxx.xxx.cz [x.x.x.x]
250-SIZE 52428800
250-PIPELINING
250-STARTTLS
250 HELP
221 tapuz.safe-mail.net closing connection

queryehlo gmail.com

Mail relays for gmail.com:
10 gsmtp171.google.com
20 gsmtp57.google.com

Querying mail relay gsmtp171.google.com, 64.233.171.27
gsmtp171.google.com [64.233.171.27] 25 (smtp) open

220 mx.gmail.com ESMTP
250-mx.gmail.com at your service
250-SIZE 10485760
250 8BITMIME
221 mx.gmail.com closing connection


Querying mail relay gsmtp57.google.com, 216.239.57.27
gsmtp57.google.com [216.239.57.27] 25 (smtp) open

220 mx.gmail.com ESMTP
250-mx.gmail.com at your service
250-SIZE 10485760
250 8BITMIME
221 mx.gmail.com closing connection

Caution

Sometimes the remote server has poor response. Then the query may fail. Try again.
Some servers, eg. hotmail.com, can be so poorly responsive the timeouts aren't enough.

TODO

Query the SSL certificates if STARTTLS is offered.

Files

queryehlo - the script itself

Support files, if you don't have them:
nc - netcat binary (or see original)
dnsmx - dnsmx binary
dnsip - dnsip binary

If you have any comments or questions about the topic, please let me know here:
Your name:
Your email:
Spambait Leave this empty! Only spambots enter stuff here.
Feedback:

Projects on this site sponsored by:
Maurice Ward & Co., International freight forwarding
Prague Wedding Planners, romantic weddings in Prague