Debugging SMTP with TLS encryption

Today I was struggling to diagnose an issue with a client's SMTP server, which appeared to be configured to only allow authentication once the STARTTLS command had been issued. I'd previously thought that this task would be impossible without a tool specifically made to talk SMTP over TLS, but I was thankfully wrong!

OpenSSL to the rescue!

Using the venerable OpenSSL tools, you can establish an interactive SMTP session and poke commands in, just like you can using Telnet with plaintext. Simply enter the following command:

openssl s_client -starttls smtp -crlf -connect remote-server.domain.tld:25

You'll see connection and certificate information scroll by before being dropped at an empty prompt. You're now talking to your SMTP server with encryption. Good luck!