On 2005.11.09 at 20:50:39 -0500, Victor Duchovni wrote:

> On Wed, Nov 09, 2005 at 08:38:02PM -0500, Warrick FitzGerald wrote:
> 
> > Hi Guys,
> > 
> > I'm trying to test a connection to a TLS enabled SMTP server. Is it
> > possible to use OpenSSL to set up the TLS session and then interact
> > with the mail server as if I'd telnet'd to port 25?
> > 
> 
> Yes, with significant limitations via "openssl s_client". For full
> interactive TLS you can use stunnel which supports SMTP.
> 
> The problems with s_client are:
> 
>     - It does not send EHLO, and many servers refuse STARTTLS before EHLO.
> 
>     - It is a debugging tool, not a proxy, so "R" causes renegotiation, and
>     literal "R" cannot be sent, ...
> 

I've just encountered the same problem: I need to test a protocol which
starts as an unencrypted connection and begins to use SSL somewhere in the
middle. So, I've hacked up a quick script which is free of these limitations.

It uses Tcl and the tcltls package from tls.sf.net. It assumes that the patch
for engine support is applied (see the patch manager for tcltls), but if not,
nothing is wrong with it unless you want to use the -engine or -conf option.

http://45.free.net/~vitus/ice/works/starttls.tcl
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
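
The plaintext-then-TLS sequence discussed in this thread, as an added Python example (not part of either poster's message and not the linked Tcl script): send EHLO first, confirm the server advertises STARTTLS, issue STARTTLS, and only then hand the socket to TLS. The function names, `client.example`, and the fake server's replies are constructed for this example.

```python
import socket, ssl, threading

def read_reply(f):
    """Read one SMTP reply, which may span several lines: (code, [texts])."""
    texts = []
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("connection closed mid-reply")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        texts.append(line[4:])
        if line[3:4] != "-":          # "250-x" continues, "250 x" ends the reply
            return int(line[:3]), texts

def plaintext_phase(sock, name="client.example"):
    """Banner, EHLO, STARTTLS in cleartext; returns the EHLO keyword lines."""
    f = sock.makefile("rb", buffering=0)   # unbuffered: read nothing past the 220
    code, _ = read_reply(f)
    if code != 220:
        raise RuntimeError(f"unexpected banner code {code}")
    sock.sendall(b"EHLO " + name.encode("ascii") + b"\r\n")
    code, texts = read_reply(f)
    caps = texts[1:]                  # first line is the server greeting
    if code != 250 or "STARTTLS" not in (c.split(" ")[0].upper() for c in caps):
        raise RuntimeError("server did not offer STARTTLS after EHLO")
    sock.sendall(b"STARTTLS\r\n")
    code, _ = read_reply(f)
    if code != 220:
        raise RuntimeError(f"STARTTLS refused with code {code}")
    return caps

def starttls_smtp(host, port=25, context=None):
    """Connect and upgrade; the caller sends a fresh EHLO over the TLS socket."""
    sock = socket.create_connection((host, port), timeout=10)
    plaintext_phase(sock)
    ctx = context or ssl.create_default_context()   # verifies cert and hostname
    return ctx.wrap_socket(sock, server_hostname=host)

def demo_offline():                   # constructed fake server, not a real MTA
    client, server = socket.socketpair()
    seen = []
    def fake_server():
        f = server.makefile("rb", buffering=0)
        server.sendall(b"220 mail.example ESMTP\r\n")
        seen.append(f.readline())
        server.sendall(b"250-mail.example\r\n250-SIZE 1000\r\n250 STARTTLS\r\n")
        seen.append(f.readline())
        server.sendall(b"220 2.0.0 Ready to start TLS\r\n")
    threading.Thread(target=fake_server, daemon=True).start()
    return plaintext_phase(client), seen
```

`demo_offline()` exercises only the cleartext negotiation; `starttls_smtp()` needs a reachable server and returns a socket on which bytes such as a literal "R" are ordinary application data.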
