Hi Leo, Am 23.12.2021 um 00:51 schrieb Leo Unglaub <l...@unglaub.at>: > >> openssl s_client -tls1_2 -connect mail.foobar.com:587 >> openssl s_client -tls1_3 -connect mail.foobar.com:587 (both 1.2 and 1.3 work)
Kind of strange that this works. Port 587 (submission) is usually set up to use STARTTLS, just like port 25 (smtp) so you would need specify -starttls smtp an an option to openssl s_client. Port 465 (submissions, formerly known as smtps) would work with mandatory TLS if the server supports that. Are you sure you are testing correctly? I would expect these to work: $ openssl s_client -connect mail.foobar.com:587 -starttls smtp </dev/null $ openssl s_client -connect mail.foobar.com:587 -starttls smtp -tls1_2 </dev/null $ openssl s_client -connect mail.foobar.com:587 -starttls smtp -tls1_3 </dev/null HTH Mike