- network connectivity, DNS or firewall related
- mail client related
- mail server related
The general approach will be to try and connect on the relevant ports (SMTP=25, POP=110, IMAP=143) and see whether you can connect and whether the server responds correctly when you send commands.
[surgemail@linux]$ telnet smtp.netwin.co.nz 110 Trying 216.65.64.228... Connected to smtp.netwin.co.nz. Escape character is '^]'. +OK POP3 netwin.co.nz (Version 3.8g-21) http://surgemail.com user myaccount@netwin.co.nz +OK myaccount@netwin.co.nz nice to hear from you - password required pass mypassword +OK myaccount has 1 mail messages list +OK 1 (1233) 1 1233 . retr 1 +OK message follows Received: from testmail.com (1.2.3.4.bitstream.orcon.net.nz [1.2.3.4]) by netwin.co.nz (SurgeMail 3.8g) with ESMTP id 5376645-1867996 for <myaccount@netwin.co.nz>; Sun, 11 Mar 2007 16:40:08 -0700 From: johnsmith@netwinsite.com To: myaccount@netwin.co.nz Subject: Test mail message Date: Sun, 11 Mar 2007 16:40:08 -0700 Status: U Body of test message Some more body text The end of email . quit +OK closing connection Connection closed by foreign host.
Taking this step by step:
telnet smtp.netwin.co.nz 110
- If this fails with an error along the lines of: "Unknown host"
then you probably have an invalid DNS record or have a problem with your dns server
- If this fails with an error along the lines of: "Connection refused"
there is no connectivity to your server. Check your server is running, listening on the correct port, and there are no network problems, and no firewalls blocking communications. Provided surgemail is running, this problem is not related to surgemail.
- If it responds: "+OK POP3 netwin.co.nz"
then you have connectivity to the server, next try logging in via POP
user myaccount@netwin.co.nz
pass mypassword
- If this responds with "-ERR foo@netwin.co.nz password wrong or not a valid user"
then the username password combination is invalid for some reason. Check the account exists and the password is valid, the authentication module for correct configuration, next check surgemail mail.log files to see if these show any reason for failed logins.
- If there respond with "+OK myaccount has n mail messages"
then the login is valid on the server, try using the login with your mail client that you were previously having problems with.
list
retr 1
- This issues several POP commands (list available messages, retrieve first message) to confirm that the server is working correctly.
Is is very similar to POP, but the port you use is different and the protocol is slightly different. An example follows:
[surgemail@linux]$ telnet smtp.netwin.co.nz 143 Trying 216.65.64.228... Connected to smtp.netwin.co.nz. Escape character is '^]'. * OK IMAP netwin.co.nz (Version 3.8g-21) A001 CAPABILITY * CAPABILITY IMAP4 IMAP4REV1 NAMESPACE QUOTA UIDPLUS IDLE XFLDDATA SURGEMAIL STARTTLS A001 OK CAPABILITY completed A002 LOGIN "myaccount@netwin.co.nz" "mypassword" A002 OK LOGIN completed A003 LIST "" "*" * LIST () "/" INBOX A020 OK LOGOUT completed Connection closed by foreign host. [surgemail@linux]$
[surgemail@linux]$ telnet smtp.netwin.co.nz 25 Trying 216.65.64.228... Connected to smtp.netwin.co.nz. Escape character is '^]'. 220 netwin.co.nz SurgeSMTP (Version 3.8g-21) http://surgemail.com HELO smtp.netwin.co.nz MAIL FROM: <myaccount@netwin.co.nz> RCPT TO: <johnsmith@netwin.co.nz> DATA From: myaccount@netwin.co.nz To: johnsmith@netwin.co.nz Subject: Test message test message body . 250 netwin.co.nz. Hello smtp.netwin.co.nz (1.2.3.4) 250 Command MAIL OK 250 local recipient ok 354 Command DATA Start mail input; end with. 250 message sent ok quit 221 Command QUIT, disconnecting Connection closed by foreign host. [surgemail@linux]$
Again taking this step by step:
telnet smtp.netwin.co.nz 25
- If it responds: "220 netwin.co.nz SurgeSMTP"
then you have connectivity to the server, try sending mail
- If it responds with anything else troublshoot as for POP connections
HELO smtp.netwin.co.nz MAIL FROM: <myaccount@netwin.co.nz> RCPT TO: <johnsmith@netwin.co.nz> DATA From: myaccount@netwin.co.nz To: johnsmith@netwin.co.nz Subject: Test message test message body .
- If after entering the above the response is "250 message sent ok" then you can send mail through the server. Now try sending mail through your mail client.
- If the response is "relaying blocked, read new mail, add 1.2.3.4 to forwarding or enable smtp authentication" then you need to test this using your mail client with "authentication when sending mail" enabled.
- It is also possible you will receive one of various spam prevention reject responses.
It is not quite as useful to test web connectivity using telnet, but you can use the same technique to make sure you have connectivity:
[surgemail@linux]$ telnet smtp.netwin.co.nz 80 Trying 216.65.64.228... Connected to smtp.netwin.co.nz. Escape character is '^]'. GET / HTTP/1.1
HTTP/1.0 200 OK Server: DManager MIME-version: 1.0 Date: Mon, 12 Mar 2007 00:52:36 GMT Content-type: text/html <!doctype html public "-//w3c//dtd html 4.0 transitional//en"> <html> <head> <title>SurgeMail Welcome Page</title> .... </body> </html> Connection closed by foreign host.
SSL based connections can be tested the same way using the openssl client.
Both dedicated SSL connections or STARTTLS based connections can be tested this way.
This also allows you to verify the ssl certificates and protocol / ciphers used for the negotiation.
C:\Windows\System32>openssl s_client -connect netwinsite.com:993 CONNECTED(00000004) depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R12 verify return:1 depth=0 CN = netwinsite.com verify return:1 --- Certificate chain 0 s:CN = netwinsite.com i:C = US, O = Let's Encrypt, CN = R12 1 s:C = US, O = Let's Encrypt, CN = R12 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 --- Server certificate -----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgISBvpWu9VPUPkifthtQuhXSOY8MA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTIwHhcNMjUxMTI2MDcyMTQ1WhcNMjYwMjI0MDcyMTQ0WjAZMRcwFQYDVQQD Ew5uZXR3aW5zaXRlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKTQTHaHZngnyx5bi4iOOLJv4zFy2qqSFykYfelpSJEQwZaGL0nu/gjEjdMZItlc KHmccrM17vD7p3unPzrBmBhEQchCx8dMf12uuSEDCdHBy0t6/r2aLFvDyGHu+xn4 9oaeZX09fL1jx3cybCOTqpg0IW8ANXKuj0ZF3NEYsvZeXdNQ+EcscdEYXmzjrefr CDXFH3bT9bO4aITRJjSV+ZvNl5T3kEbC+iP2rxfBl5rkufSuOs/khTFYHzzzX7no z34jPg5Whh1BOoXL3Y1fhAhzm3aG0DjUh2N/WBninBfvE4DEosS75wqhESUZFRf/ FHQWi+pFWK1k3Iy2k51fVrUCAwEAAaOCAh8wggIbMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQU5SS3uWDnC1SmwrqFLtfyLoVHJ3cwHwYDVR0jBBgwFoAUALUp8i2ObzHo m0yteD763OkM0dIwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8v cjEyLmkubGVuY3Iub3JnLzAZBgNVHREEEjAQgg5uZXR3aW5zaXRlLmNvbTATBgNV HSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEyLmMu bGVuY3Iub3JnLzYxLmNybDCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AGQRxGyk EuyniRyiAi4AvKtPKAfUHjUnq+r+1QPJfc3wAAABmr8/uGYAAAQDAEgwRgIhAIOY LcE203Vr9Bco5YjrQbKCfyfwq/uKQNe5yDGu2zoOAiEA3qbm5KEBwfF9cU3GKPSF GJznBNr4N90gBiR8jmAXRq4AdgCWl2S/VViXrfdDh2g3CEJ36fA61fak8zZuRqQ/ D8qpxgAAAZq/P7jCAAAEAwBHMEUCIQCRsm9PZnLuuKsj7z/kRuWy+nE1AxMxOMOE mN8GAyjqBgIgGyJY/xYEYmbAvjj9h+u5szLn8lugYNOEoMeIH/RDuOwwDQYJKoZI hvcNAQELBQADggEBAIzV6/fzYeScyMFSUpE2q76qJGjQZIkc089eNZrkMtWVdqGp RluSmwEezWFkSWTsMJdh8QDiyLeny7FE2Tkx8JzW4YXy57taibPUa/euhjD6zgT/ V8bIou619/F0n34A6rnC7Kntnsaicspa+Podx+phHmNhAx3+dyfp1OFrO5Z7b+fK 5OAoIR/USqPG0+wLM0Mvkr0UzO2w2swHotUgvsNT/PFaYDdI61GnYXeeSX8r3EEI J6D4Z2oQcPDKvRItI9TOSrTN4+LEMT0W94ntoA1mGH3XKwRF2n4ou3fo209N1PKX YcKNdv8GgIwgG7x8HsoEqdYZnB+p4xGLnLFQfJo= -----END CERTIFICATE----- subject=CN = netwinsite.com issuer=C = US, O = Let's Encrypt, CN = R12 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3258 bytes and written 765 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: 246B65E4CB40815ECD27A71478A19B1502392165436D76DDCC4BFC97F11083B7 Session-ID-ctx: Resumption PSK: 99E78BE5200A889C2A4A7038286C546BF4803CC584F839841AC4485123731DAFFA15C9F95A64AB5FCBCF281FD26E38AF PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - f4 97 9c af af dc a7 37-7a 18 f2 ba 27 dc c4 c9 .......7z...'... 0010 - c5 4b 08 1e f6 6f 20 3b-6f 20 48 11 e7 fd af 2a .K...o ;o H....* 0020 - ef bb 19 c4 09 e0 46 b7-8a 04 3a a7 34 4e 8c a3 ......F...:.4N.. 0030 - a2 63 cf d3 4f c2 eb 96-d5 1f 03 e2 1f 47 61 7e .c..O........Ga~ 0040 - a1 10 79 83 6c 4b 11 ea-c1 b6 b0 1f 54 21 74 5d ..y.lK......T!t] 0050 - ba 4d f7 81 ce 01 9c a3-e9 b6 cf f8 f9 51 46 0f .M...........QF. 0060 - 8b 27 e7 fa 66 e4 09 04-e7 cf 6d 46 54 fe b8 80 .'..f.....mFT... 0070 - 93 ba 45 5e 56 3e f9 24-db af 86 ba 31 79 bc 86 ..E^V>.$....1y.. 0080 - fb dd 1d 63 ba f9 d1 c4-16 e2 f9 f4 38 53 a7 67 ...c........8S.g 0090 - e1 91 b6 d6 6c fb 6f c3-1b 93 e5 a2 7e b4 c7 c5 ....l.o.....~... 00a0 - 6c f2 eb 5e b0 15 8c 57-93 f1 11 80 d1 5f 4b ae l..^...W....._K. 00b0 - 61 a1 e9 71 38 a4 cf 44-c6 ed 00 fc 17 30 9c 71 a..q8..D.....0.q 00c0 - dd c1 52 75 1b 2b 3f 21-1a c8 bc 08 23 ef 69 c3 ..Ru.+?!....#.i. 00d0 - 75 53 ef 92 d6 f6 5c da-5b 70 55 49 bc af 69 e5 uS....\.[pUI..i. Start Time: 1766954657 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: 46D7C75494ACD8C49B495F2D2AEBDD1B2EA01BD16F745FF93FE8541EECBF3E2D Session-ID-ctx: Resumption PSK: 1AB8E9429911B31323D7E7A2754504775D5FA2D5DEA32E3EBAA9D012BE36910AC826A5CFCC27FAFFA174E3840371E5A1 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - f4 97 9c af af dc a7 37-7a 18 f2 ba 27 dc c4 c9 .......7z...'... 0010 - f6 03 02 73 c1 71 cd 19-8f a2 7b 35 0e 50 ab a5 ...s.q....{5.P.. 0020 - e4 b7 ee b9 4f 5c ca 4a-a8 da a6 1b 90 44 59 56 ....O\.J.....DYV 0030 - 69 7d a8 4d 8b 25 2b 03-11 61 58 5e cc 28 ba 0e i}.M.%+..aX^.(.. 0040 - 47 84 17 26 dc ed 42 30-b1 dd 06 07 3e 2c b8 4c G..&..B0....>,.L 0050 - 6b a5 df 8a 2c ee 67 7a-10 47 bf 0c ce 04 a8 98 k...,.gz.G...... 0060 - 1a 09 cb 63 29 77 af c7-3f b7 4c 67 bf cd 24 ff ...c)w..?.Lg..$. 0070 - 90 8f 68 8d ee a3 e0 c9-7e d1 39 9e 5a 1a 3e 7d ..h.....~.9.Z.>} 0080 - 56 e8 a5 a7 32 2e a6 0f-bd ab f7 c7 f9 c1 99 ed V...2........... 0090 - 61 6a c8 4e 90 dc 23 05-83 1d d3 36 d3 69 88 fb aj.N..#....6.i.. 00a0 - 63 96 cf 22 d8 37 64 c1-d9 a6 5c 87 1e 9d eb 86 c..".7d...\..... 00b0 - c3 81 7f 90 64 93 9c 35-4d 04 0e b7 8f 77 d6 db ....d..5M....w.. 00c0 - ae 32 ad 45 01 3c 95 3e-c9 99 b0 ac 60 b5 e1 af .2.E.<.>....`... 00d0 - 03 c3 fa e3 d5 e1 a0 d3-e1 30 59 b6 e6 e1 3e ab .........0Y...>. Start Time: 1766954657 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK * OK IMAP (C) netwin.co.nz (Version 8.0p-8) a capability * CAPABILITY IMAP4 IMAP4REV1 NAMESPACE QUOTA UIDPLUS IDLE SORT SPECIAL-USE ACL SURGEMAIL UNAUTHENTICATE UNLIMITEDFLAGS a OK Capability completed a logout * BYE IMAP4rev1 Server logging out a OK logout completed closed C:\Windows\System32>
Of particular note:
- The above shows successful SSL negotitation
- Certificate is valid Lets Encrypt signed certificate
- Encryption using TLSv1.3 with TLS_AES_256_GCM_SHA384 and 2048bit keys
- Valid surgemail IMAP response
And here an example of a surgemail selfsigned certificate. ie valid SSL negotiation but without validated certificate
C:\Windows\System32>openssl s_client -connect netwintest.com:993 CONNECTED(00000004) depth=0 CN = netwintest.com verify error:num=18:self signed certificate verify return:1 depth=0 CN = netwintest.com verify return:1 --- Certificate chain 0 s:CN = netwintest.com i:CN = netwintest.com --- Server certificate -----BEGIN CERTIFICATE----- MIIC5DCCAcygAwIBAgIEwkq7xjANBgkqhkiG9w0BAQsFADAZMRcwFQYDVQQDDA5u ZXR3aW50ZXN0LmNvbTAeFw0yNTEyMjYyMTQ4MjBaFw0zNTEyMjYyMTQ4MjBaMBkx FzAVBgNVBAMMDm5ldHdpbnRlc3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEApbNZzI5D7hCYqg5VW+V134Nce7Y3u/Q93EbqH11CFG/+g+5qdVvJ K0woQc/xtxh35IccSCmByDTAopxG9EJ3Mw6U51eUQIUWI+isCKSDq7Kr5JvxmCvG H6+yd0wwTMj8GVZpTpebDuZhFx3xsqKzxmbkrIwsQvN3EURlNJ9z6tyKBBJt+Z0p iWp1Ir3gT/1BWLxYRJqyQQjWDACwJBEOUSl0v1ebrw6x1BFR8CiRk1wgEvFLMS7v 6jVNBsIGPF4XDNvkA6zYtOhw4zIkMZqnmvT1UxK4Jx0+kqcHP3kGD38Cug/hpp1W AquF0um9ZP/CGBteMajSnRPXkC3E2yvxfwIDAQABozQwMjARBglghkgBhvhCAQEE BAMCBkAwHQYJYIZIAYb4QgEMBBAWDm5ldHdpbnRlc3QuY29tMA0GCSqGSIb3DQEB CwUAA4IBAQAleMNgpGcgl7ipQweqKHVIVEu5KU3VO7X1A0MG7XWkoEjRcvkAu1eB XpEujHasqBW/IIxTDntBEmLk+vJvEbeRuD9zOaSxymVH4XECtjVoDdfkvZ7MXAMy IF4jEPNGGME9in2uZpP59ztSMDo670mTQ60uy2fHoY6OaO45QTBZVdox8rr/F3mP l83SoCMpZRIrdgW1WX4vwFzcJ+PEjFjfISu6By4B1/mEY1DxRpax14EKeAFb60rS 4xF8AgB28EVenAJu6j49npOKM7CApRlPhZZ3ICZvUmupXYbAB9q5NpBqtSeWoY4I gRg68knC3z1jCmlQA8dIG2IUe5a1Bzh7 -----END CERTIFICATE----- subject=CN = netwintest.com issuer=CN = netwintest.com --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 1430 bytes and written 761 bytes Verification error: self signed certificate --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 18 (self signed certificate) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: 722711C6E93D065D477193D540CDAD866D6F5608A5075857CA38AE733281752B Session-ID-ctx: Resumption PSK: F6E0C243594323B6D73D1BF1C1A3638D859FF740E3681ED005B19C45CB5CE4D4F789CECFEA326E30DD2F27F3DB5F70EA PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - 3e aa 6a 3e ba 3b 63 5a-18 88 40 64 5e d2 3f 79 >.j>.;cZ..@d^.?y 0010 - 5e 92 69 da aa e7 06 e1-6d 23 a2 79 f1 ed 13 ef ^.i.....m#.y.... 0020 - d1 80 aa c4 71 c7 15 fd-c9 7f 11 04 55 c5 ba e5 ....q.......U... 0030 - 77 55 36 d3 22 34 33 eb-7f b6 b6 b9 b0 82 6c d0 wU6."43.......l. 0040 - c8 1d f3 6e d5 ce 13 f1-a7 af 7d 4c 23 be d2 c4 ...n......}L#... 0050 - 11 27 55 bf 4d fc 4d 48-e2 b5 f7 67 ec 0c 82 2d .'U.M.MH...g...- 0060 - 97 ad c0 0d 98 77 4a 73-48 49 76 56 2a 51 18 c1 .....wJsHIvV*Q.. 0070 - 2a 0d e6 6d 30 1e eb 5e-4f af cc 61 b5 11 3a e7 *..m0..^O..a..:. 0080 - d9 05 64 c1 72 31 99 dd-bf f3 4b 5d db 83 d5 18 ..d.r1....K].... 0090 - e3 1e 24 b6 11 ec 4d 7d-be fa f6 49 d3 fb 7f 6e ..$...M}...I...n 00a0 - e2 8a 8c 51 b3 d5 54 32-eb 45 a1 64 d2 8a 4e b7 ...Q..T2.E.d..N. 00b0 - ca 90 b5 ba 8c a7 ec 36-5d ef 23 c6 80 45 5e 8e .......6].#..E^. 00c0 - e1 d6 14 16 6f d4 30 94-62 3b 06 45 f2 5e 71 3f ....o.0.b;.E.^q? 00d0 - 92 5c 1c 05 54 18 79 ce-fb e3 dc ac 98 a6 5f 14 .\..T.y......._. Start Time: 1766958510 Timeout : 7200 (sec) Verify return code: 18 (self signed certificate) Extended master secret: no Max Early Data: 0 --- read R BLOCK --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: DB48A3E68C005133E9612524D66E82E94E0EBD0D87ECB92BF4530AD8EABCD5DE Session-ID-ctx: Resumption PSK: A6C8A44A16B0BAF930EC28CA9B3166D6DE975E7560496D12BCA6FE14412FAD528BFBEC36C2D81D69DE358E4BF5837D87 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - 3e aa 6a 3e ba 3b 63 5a-18 88 40 64 5e d2 3f 79 >.j>.;cZ..@d^.?y 0010 - 5f 4a 11 fc 78 0c 02 c9-68 fe 37 90 dc 6e 3c 99 _J..x...h.7..n<. 0020 - 2f d9 48 8e a1 d4 96 00-8b ca 56 4b 23 f9 ce c5 /.H.......VK#... 0030 - 81 08 e9 f2 15 75 0f 71-e5 7e 31 43 54 6d d2 98 .....u.q.~1CTm.. 0040 - c6 18 ba ce 38 9e eb 12-b3 ff dc 3e 99 bf 9c 0f ....8......>.... 0050 - cd 26 6a 3f 5d 18 5d 55-27 e6 3c 12 b8 06 84 71 .&j?].]U'.<....q 0060 - 6c cc 31 ea 5b d1 f0 e2-5c ec f8 b2 08 32 d7 77 l.1.[...\....2.w 0070 - a9 eb fc 1d ae c1 0f 87-36 b5 b2 61 60 f9 71 d9 ........6..a`.q. 0080 - 58 46 2e e3 6f 56 8c 32-95 e7 10 eb 9b cf de 63 XF..oV.2.......c 0090 - 3e 58 c4 94 fb 4f 84 07-e2 5b 98 24 dd 1c ec 2b >X...O...[.$...+ 00a0 - ab 6d 9e 12 4f e4 cd 4f-78 a3 ef e5 d3 b6 aa 35 .m..O..Ox......5 00b0 - 48 13 d8 0d 80 98 da ef-84 f7 89 54 d9 d5 0c 60 H..........T...` 00c0 - d0 6a bf bc d4 c3 1f 4b-a7 cc 0a fd cc 8c b6 bc .j.....K........ 00d0 - a5 1b 64 5d c2 6c 74 0c-45 8b fc 55 55 bc ce 23 ..d].lt.E..UU..# Start Time: 1766958510 Timeout : 7200 (sec) Verify return code: 18 (self signed certificate) Extended master secret: no Max Early Data: 0 --- read R BLOCK * OK IMAP (C) netwintest.com (Version 8.0p-9) a logout * BYE IMAP4rev1 Server logging out a OK logout completed closed C:\Windows\System32>
C:\Windows\System32>openssl s_client -connect netwinsite.com:143 -starttls imap CONNECTED(00000004) depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R12 verify return:1 depth=0 CN = netwinsite.com verify return:1 --- Certificate chain 0 s:CN = netwinsite.com i:C = US, O = Let's Encrypt, CN = R12 1 s:C = US, O = Let's Encrypt, CN = R12 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 --- Server certificate -----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgISBvpWu9VPUPkifthtQuhXSOY8MA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTIwHhcNMjUxMTI2MDcyMTQ1WhcNMjYwMjI0MDcyMTQ0WjAZMRcwFQYDVQQD Ew5uZXR3aW5zaXRlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKTQTHaHZngnyx5bi4iOOLJv4zFy2qqSFykYfelpSJEQwZaGL0nu/gjEjdMZItlc KHmccrM17vD7p3unPzrBmBhEQchCx8dMf12uuSEDCdHBy0t6/r2aLFvDyGHu+xn4 9oaeZX09fL1jx3cybCOTqpg0IW8ANXKuj0ZF3NEYsvZeXdNQ+EcscdEYXmzjrefr CDXFH3bT9bO4aITRJjSV+ZvNl5T3kEbC+iP2rxfBl5rkufSuOs/khTFYHzzzX7no z34jPg5Whh1BOoXL3Y1fhAhzm3aG0DjUh2N/WBninBfvE4DEosS75wqhESUZFRf/ FHQWi+pFWK1k3Iy2k51fVrUCAwEAAaOCAh8wggIbMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQU5SS3uWDnC1SmwrqFLtfyLoVHJ3cwHwYDVR0jBBgwFoAUALUp8i2ObzHo m0yteD763OkM0dIwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8v cjEyLmkubGVuY3Iub3JnLzAZBgNVHREEEjAQgg5uZXR3aW5zaXRlLmNvbTATBgNV HSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEyLmMu bGVuY3Iub3JnLzYxLmNybDCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AGQRxGyk EuyniRyiAi4AvKtPKAfUHjUnq+r+1QPJfc3wAAABmr8/uGYAAAQDAEgwRgIhAIOY LcE203Vr9Bco5YjrQbKCfyfwq/uKQNe5yDGu2zoOAiEA3qbm5KEBwfF9cU3GKPSF GJznBNr4N90gBiR8jmAXRq4AdgCWl2S/VViXrfdDh2g3CEJ36fA61fak8zZuRqQ/ D8qpxgAAAZq/P7jCAAAEAwBHMEUCIQCRsm9PZnLuuKsj7z/kRuWy+nE1AxMxOMOE mN8GAyjqBgIgGyJY/xYEYmbAvjj9h+u5szLn8lugYNOEoMeIH/RDuOwwDQYJKoZI hvcNAQELBQADggEBAIzV6/fzYeScyMFSUpE2q76qJGjQZIkc089eNZrkMtWVdqGp RluSmwEezWFkSWTsMJdh8QDiyLeny7FE2Tkx8JzW4YXy57taibPUa/euhjD6zgT/ V8bIou619/F0n34A6rnC7Kntnsaicspa+Podx+phHmNhAx3+dyfp1OFrO5Z7b+fK 5OAoIR/USqPG0+wLM0Mvkr0UzO2w2swHotUgvsNT/PFaYDdI61GnYXeeSX8r3EEI J6D4Z2oQcPDKvRItI9TOSrTN4+LEMT0W94ntoA1mGH3XKwRF2n4ou3fo209N1PKX YcKNdv8GgIwgG7x8HsoEqdYZnB+p4xGLnLFQfJo= -----END CERTIFICATE----- subject=CN = netwinsite.com issuer=C = US, O = Let's Encrypt, CN = R12 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3508 bytes and written 791 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- . OK Capability completed --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: 18A20B205FCF2C7853159E5BA53EAE00C4A63C974FB279D9C8E732DDBBEB14F3 Session-ID-ctx: Resumption PSK: 815CE9BB2A7B0AB051AC2A2F4845DEE9944543DF3B24D29D2EFF75560856E975DF64D0990E170100AE11ED0FA2C93637 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - f4 97 9c af af dc a7 37-7a 18 f2 ba 27 dc c4 c9 .......7z...'... 0010 - 2c ea 05 d1 31 6d ee b7-2e 65 0d ba 6b 9f fb a1 ,...1m...e..k... 0020 - 2e 96 ec bb 9a 46 c7 a8-12 fa 51 ad 92 ba b7 02 .....F....Q..... 0030 - e3 8d 83 f5 25 8b 4e e2-a8 2b 67 37 6f c4 d5 08 ....%.N..+g7o... 0040 - 9a 22 14 11 25 3c 1c 09-fd b2 f0 6e 40 55 9b e5 ."..%<.....n@U.. 0050 - 1f a1 67 4d c0 47 5e fb-e8 a0 4d 68 88 84 ad ec ..gM.G^...Mh.... 0060 - cb 24 77 9a 9f 45 79 13-68 26 3e 80 4d 63 a0 cf .$w..Ey.h&>.Mc.. 0070 - d4 6a 8b 9b 49 5a 96 80-d8 a3 67 ed f7 03 5c e3 .j..IZ....g...\. 0080 - b3 cc 99 97 5f 7f 6e 60-20 f1 ba 43 bc c0 9b f7 ...._.n` ..C.... 0090 - 9c f5 62 94 43 95 0f 67-19 8c 95 3f 23 88 14 c7 ..b.C..g...?#... 00a0 - ce 38 6f 7c a2 3e 39 fb-30 d3 8c 7b 0f 71 ce ce .8o|.>9.0..{.q.. 00b0 - 16 4d d5 41 4f a5 15 c9-3c 8d c2 4f c8 ec 4f 5a .M.AO...<..O..OZ 00c0 - de c5 50 7f 2f 95 95 d4-13 8c c7 e4 9a 24 80 a5 ..P./........$.. 00d0 - dd 4e e8 04 36 0b b1 6d-a8 5a 60 c4 ac 66 f8 7c .N..6..m.Z`..f.| Start Time: 1766954712 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: ED16AE19B528970A15CA846BC2BB715B933201FF3A19C07838B894DF102AA32C Session-ID-ctx: Resumption PSK: 40466E7AB844F43D0751C19ACFE537C98F4B26C5A33A1EA9CD773F4C2AA0EFB53F6CB80454CF9FCCED9B0270DCCA2C29 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - f4 97 9c af af dc a7 37-7a 18 f2 ba 27 dc c4 c9 .......7z...'... 0010 - 90 f7 5f f8 79 49 f9 80-9d ba 4d 65 66 74 ec a3 .._.yI....Meft.. 0020 - 3d d1 65 df a4 d6 aa ac-00 c5 e1 95 09 8d 79 f4 =.e...........y. 0030 - 89 b6 3e e5 e5 2f db 24-71 a3 75 b6 57 00 8e cb ..>../.$q.u.W... 0040 - a7 3f 25 e1 50 35 be b5-30 f7 0d db ef 14 7e 79 .?%.P5..0.....~y 0050 - 92 2a b2 14 29 2c 87 33-b0 7b c4 2c 9c 48 78 61 .*..),.3.{.,.Hxa 0060 - 53 be 1f ef c6 2f 05 96-25 13 9f 7a 6a d5 44 85 S..../..%..zj.D. 0070 - 21 b0 73 34 1b dd c3 55-c6 89 dd 43 4a e6 40 cb !.s4...U...CJ.@. 0080 - c5 76 3d f2 5f 0f cb 96-29 a3 76 19 9b c1 e3 23 .v=._...).v....# 0090 - d1 80 7c 69 93 07 0c 34-54 c0 55 5b 5b 2c 16 cb ..|i...4T.U[[,.. 00a0 - e4 22 eb 3b ef af 14 72-ea 09 d7 38 33 e2 47 b7 .".;...r...83.G. 00b0 - c3 98 27 93 f3 0f c5 24-f1 3f 52 3c 7f 9f ff 57 ..'....$.?R<...W 00c0 - 2a f9 af e3 d2 0b 68 d4-09 a4 c0 9b a7 f0 cb 89 *.....h......... 00d0 - cb 5d 67 fa 4b b0 58 ba-08 ca 9d 9d 10 dc df 3e .]g.K.X........> Start Time: 1766954712 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK a capability * CAPABILITY IMAP4 IMAP4REV1 NAMESPACE QUOTA UIDPLUS IDLE SORT SPECIAL-USE ACL SURGEMAIL UNAUTHENTICATE UNLIMITEDFLAGS a OK Capability completed a logout * BYE IMAP4rev1 Server logging out a OK logout completed closed C:\Windows\System32>
C:\Windows\System32>openssl s_client -connect netwinsite.com:465 CONNECTED(00000004) depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R12 verify return:1 depth=0 CN = netwinsite.com verify return:1 --- Certificate chain 0 s:CN = netwinsite.com i:C = US, O = Let's Encrypt, CN = R12 1 s:C = US, O = Let's Encrypt, CN = R12 i:C = US, O = Internet Security Research Group, CN = ISRG Root X1 --- Server certificate -----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgISBvpWu9VPUPkifthtQuhXSOY8MA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTIwHhcNMjUxMTI2MDcyMTQ1WhcNMjYwMjI0MDcyMTQ0WjAZMRcwFQYDVQQD Ew5uZXR3aW5zaXRlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKTQTHaHZngnyx5bi4iOOLJv4zFy2qqSFykYfelpSJEQwZaGL0nu/gjEjdMZItlc KHmccrM17vD7p3unPzrBmBhEQchCx8dMf12uuSEDCdHBy0t6/r2aLFvDyGHu+xn4 9oaeZX09fL1jx3cybCOTqpg0IW8ANXKuj0ZF3NEYsvZeXdNQ+EcscdEYXmzjrefr CDXFH3bT9bO4aITRJjSV+ZvNl5T3kEbC+iP2rxfBl5rkufSuOs/khTFYHzzzX7no z34jPg5Whh1BOoXL3Y1fhAhzm3aG0DjUh2N/WBninBfvE4DEosS75wqhESUZFRf/ FHQWi+pFWK1k3Iy2k51fVrUCAwEAAaOCAh8wggIbMA4GA1UdDwEB/wQEAwIFoDAd BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNV HQ4EFgQU5SS3uWDnC1SmwrqFLtfyLoVHJ3cwHwYDVR0jBBgwFoAUALUp8i2ObzHo m0yteD763OkM0dIwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8v cjEyLmkubGVuY3Iub3JnLzAZBgNVHREEEjAQgg5uZXR3aW5zaXRlLmNvbTATBgNV HSAEDDAKMAgGBmeBDAECATAuBgNVHR8EJzAlMCOgIaAfhh1odHRwOi8vcjEyLmMu bGVuY3Iub3JnLzYxLmNybDCCAQUGCisGAQQB1nkCBAIEgfYEgfMA8QB3AGQRxGyk EuyniRyiAi4AvKtPKAfUHjUnq+r+1QPJfc3wAAABmr8/uGYAAAQDAEgwRgIhAIOY LcE203Vr9Bco5YjrQbKCfyfwq/uKQNe5yDGu2zoOAiEA3qbm5KEBwfF9cU3GKPSF GJznBNr4N90gBiR8jmAXRq4AdgCWl2S/VViXrfdDh2g3CEJ36fA61fak8zZuRqQ/ D8qpxgAAAZq/P7jCAAAEAwBHMEUCIQCRsm9PZnLuuKsj7z/kRuWy+nE1AxMxOMOE mN8GAyjqBgIgGyJY/xYEYmbAvjj9h+u5szLn8lugYNOEoMeIH/RDuOwwDQYJKoZI hvcNAQELBQADggEBAIzV6/fzYeScyMFSUpE2q76qJGjQZIkc089eNZrkMtWVdqGp RluSmwEezWFkSWTsMJdh8QDiyLeny7FE2Tkx8JzW4YXy57taibPUa/euhjD6zgT/ V8bIou619/F0n34A6rnC7Kntnsaicspa+Podx+phHmNhAx3+dyfp1OFrO5Z7b+fK 5OAoIR/USqPG0+wLM0Mvkr0UzO2w2swHotUgvsNT/PFaYDdI61GnYXeeSX8r3EEI J6D4Z2oQcPDKvRItI9TOSrTN4+LEMT0W94ntoA1mGH3XKwRF2n4ou3fo209N1PKX YcKNdv8GgIwgG7x8HsoEqdYZnB+p4xGLnLFQfJo= -----END CERTIFICATE----- subject=CN = netwinsite.com issuer=C = US, O = Let's Encrypt, CN = R12 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3258 bytes and written 765 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: F0ACFBEA8DFE9BA690DCCAD746E1D9655B08DAF99AB858E296BC1447C25168A5 Session-ID-ctx: Resumption PSK: 6E3FB53DA20348857F790869F6E2836D6F5F502CA34EFA8B06673288473E3649CF90BA374241D00BCC63FE676D1E4953 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - f4 97 9c af af dc a7 37-7a 18 f2 ba 27 dc c4 c9 .......7z...'... 0010 - 9b 22 93 82 4d d1 e5 a7-8e 65 fe 2d 83 7f a3 d8 ."..M....e.-.... 0020 - d6 28 9a 3d 06 da f0 82-91 fd a1 7e 3a 35 bb 9c .(.=.......~:5.. 0030 - 59 a3 0e d6 ca 29 bd 47-cf f0 96 4a 48 d8 bd 51 Y....).G...JH..Q 0040 - a4 24 14 ec cf a2 51 b8-8d 70 ee 68 f7 f0 86 5d .$....Q..p.h...] 0050 - b0 3f 80 c7 23 e3 2c a3-92 82 64 25 48 6a cf c1 .?..#.,...d%Hj.. 0060 - f7 e5 67 84 58 c4 67 1c-8a 38 c3 a1 1d bf 8f 0b ..g.X.g..8...... 0070 - a5 40 d7 72 a1 12 70 1c-1d 27 94 38 9f 9f 8e 3f .@.r..p..'.8...? 0080 - 86 d3 c9 91 6e fc fb a7-3a 29 0e 0c ac 97 9f c2 ....n...:)...... 0090 - 3e 02 29 39 5a 39 c5 13-ab ac 41 1a 56 af 66 ab >.)9Z9....A.V.f. 00a0 - c2 de 42 8b 3e ce 04 d4-bb 98 c5 ab 2b 33 56 5f ..B.>.......+3V_ 00b0 - 68 5d e2 ab b1 46 18 96-03 9b 17 3f f3 52 09 79 h]...F.....?.R.y 00c0 - 15 cb b2 db 3f d0 63 3f-7d 2f b7 c6 1f 99 57 42 ....?.c?}/....WB 00d0 - d8 83 50 b1 89 bf 80 ce-ba cc e7 7c 8d 88 0c 83 ..P........|.... Start Time: 1766954809 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: A0EEA1C124FB4A258CD189541AE9804C9B1DD573E49ED7B2495FB95FFCB30336 Session-ID-ctx: Resumption PSK: 70C846899C2F767B55F44EFC66959269AFAF13260E253220A14A0A2017F375529F3B7848A2169DEABCEDD390AB4BFB15 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - f4 97 9c af af dc a7 37-7a 18 f2 ba 27 dc c4 c9 .......7z...'... 0010 - 71 1a 04 f9 3b a0 09 5c-17 c7 5e 3a 6b bd 75 bc q...;..\..^:k.u. 0020 - f5 f4 e5 5c 00 aa 8c bd-0e b4 df ee 4c 48 3b 33 ...\........LH;3 0030 - 3d 25 b4 9d 6c 4a 66 df-20 9c cd db 7a 9c bb 5d =%..lJf. ...z..] 0040 - 54 d2 2d 15 78 5b 52 37-6c 7f f6 a4 ea d1 0b 02 T.-.x[R7l....... 0050 - c1 33 6e c2 4a 7c 49 00-d1 be 43 71 e2 a9 a7 6a .3n.J|I...Cq...j 0060 - d1 4b d2 4b f9 b8 00 4b-52 d5 54 14 54 e9 b4 d5 .K.K...KR.T.T... 0070 - 4d 36 a5 7a 78 e6 02 ba-64 b9 dd 25 15 4a 7c cc M6.zx...d..%.J|. 0080 - e3 e6 d6 7f 43 04 8b d2-c5 b5 99 55 00 38 72 55 ....C......U.8rU 0090 - f3 ac 54 d5 85 f4 6e 6b-29 af b2 31 9c b7 27 bc ..T...nk)..1..'. 00a0 - 73 17 7a 85 29 63 21 fd-91 a0 fb 27 60 be c4 7c s.z.)c!....'`..| 00b0 - 74 38 5e cc 9e ef e2 89-5e 3f f5 10 5b 4b ff e6 t8^.....^?..[K.. 00c0 - 52 20 93 47 e7 a5 e8 c9-7a 76 08 14 19 4f 48 9e R .G....zv...OH. 00d0 - 15 09 0e 1f 99 8a 0e da-eb 1b 14 95 33 6b 30 76 ............3k0v Start Time: 1766954810 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 0 --- read R BLOCK 220 fast.netwinsite.com SurgeSMTP (Version 8.0p-8) http://surgemail.com quit 221 Command QUIT, disconnecting closed