Webcore Staff 0 0

  • How to verify that SSL for IMAP/POP3/SMTP works

    Feb 21, 2019 | No tags

Using online checkers Check SSL using online tools:

ImmuniWeb® SSLScan
SSL Checker - SSL Certificate Verify
SSL Server Test (Powered by Qualys SSL Labs)

Using a Linux server

Any Linux server can be used for these tests. If you do not have a Linux server, use the online checkers above.

To verify SSL, connect to any Linux server via SSH and use the instructions below:

IMAP via SSL uses port 993:

    connect to a mail server using openssl:

    # openssl s_client -showcerts -connect mail.example.com:993

    Check output and make sure that a valid certificate is shown:

    Server certificate
    subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
    issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

    Make sure that you received IMAP server response:

    * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=PLAIN IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.



POP3 via SSL uses port 995:

    Connect to a mail server using openssl:

    # openssl s_client -showcerts -connect mail.example.com:995

    Check output and make sure that a valid certificate is shown:

    Server certificate
    subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
    issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

    Make sure that you received POP3 server response:

    +OK Hello there. <1793.1385684315@localhost.localdomain>



SMTP via SSL uses port 465:

    Connect to a mail server using openssl:

    # openssl s_client -showcerts -connect mail.example.com:465

    Check output and make sure that a valid certificate is shown:

    Server certificate
    subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
    issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

    Make sure that you received SMTP server response:

    220 mail.example.com ESMTP Postfix



SMTP via TLS/StartTLS uses port 587 (The submission port should be enabled in Plesk):

    Connect to a mail server using openssl:

    # openssl s_client -starttls smtp -showcerts -connect mail.example.com:587

    Check output and make sure that a valid certificate is shown:

    Server certificate
    subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
    issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

    Make sure that you received SMTP server response:

    250 DSN

This article was last modified: Feb. 21, 2019, 11:48 a.m.

0 Comments

Please log in to leave a comment.

Add or change tags.

A comma-separated list of tags.

Close and Refresh

© Webcore Cloud 2015. All rights reserved.

Share

Hacker News

Top