Nmap Development mailing list archives

Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?

From: Jasey DePriest <jrdepriest () gmail com>
Date: Thu, 26 Oct 2017 11:56:20 -0500

This is a great table. Thanks for sharing it. I'm definitely adding it to
my scanning notes.

-Jasey

On Thu, Oct 26, 2017 at 11:26 AM, Watson, Patrick <Patrick.Watson () ncr com>
wrote:

There are 4 possible states:

*Service*

*STARTTLS*

*Meaning*

smtp

not present

TLS is not supported at all; everything is plain text

smtp

present

TLS is only supported via STARTTLS. The connection begins unencrypted.
This is called “Opportunistic TLS”

ssl/smtp

not present

TLS is only supported at the connection level, which begins encrypted.
STARTTLS is not supported

ssl/smtp

present

TLS is supported at the connection level, which begins encrypted. You can
also issue a STARTTLS command to turn on TLS, but that doesn’t make any
sense because it’s already on. Thus, you probably won’t see this often in
real life.





*-- Patrick*

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ? Ben Stover via dev (Oct 20)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ? Jasey DePriest (Oct 21)
  - Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ? Watson, Patrick (Oct 23)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ? Dave Horsfall (Oct 29)
- <Possible follow-ups>
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ? Ben Stover via dev (Oct 25)
  - Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ? Watson, Patrick (Oct 26)
    - Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ? Jasey DePriest (Oct 26)