Skip to content

How to Validate SMTP TLS Support for Email Transmission

Web Tool:

  1. Check a Domain’s SMTP TLS Support
  2. TLS Email Tests
  3. MX Diagnostics

Additional Reading:

  1. How to Tell Who Supports SMTP TLS for Email Transmission
  2. Telnet to Port 25 to Test SMTP Communication

Steps to validate SMTP Server Support for STARTTLS Using Telnet:

1. Identify MX server

2. Validate STARTTLS


Default Server: UnKnown

> set q=mx
Server: UnKnown

Non-authoritative answer: MX preference = 10, mail exchanger = MX preference = 15, mail exchanger = MX preference = 20, mail exchanger = MX preference = 25, mail exchanger =

C:> telnet 25


Connected to

Escape character is ‘^]’.

220 ESMTP mxl_mta-8.2.0-3 [2ac5dfc25940.177057.00-540]; Tue, 27 Jan 2015 08:42:14 -0700 (MST); NO UCE, INBOUND (

Now type “ehlo” followed by a domain name, your own domain name will work fine, and press “Enter“. If you see within the results the line, “250-STARTTLS”, then that email server is configured to support use of TLS.

Steps to validate SMTP Server Support for STARTTLS Using OpenSSL:

[leo@host ~]$ openssl s_client -starttls smtp -connect
didn’t found starttls in server response, try anyway…
23362:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:591: