Nmap Developmentmailing list archives
Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?
From: Ben Stover via dev <dev () nmap org>
Date: Thu, 26 Oct 2017 07:41:19 +0200
Hello Patrick,thank you for the information.Just to clarify:If in the list of reported smtp-commands the tag "STARTTLS" appears then (only) the STARTTLS protocol is valid on this port.If the tag STARTTLS is NOT listed in the output of smtp-commands then (only) SSL/TLS is supportedCorrect?Ben--Original Message Text---From: Watson, PatrickDate: Mon, 23 Oct 2017 16:59:10 +0000Combining the smtp-commands script with the normal version scanning, you can figure this out. Using gmailâ¬"s SMTP as an example below, Iâ¬"ve highlighted in yellow the parts you want to pay attention to. Port 465 uses TLS from the start (aka SMTPS). Port 587 uses STARTTLS to switch from plain text to TLS after connecting. # nmap -sV -Pn -p 465,587 --version-intensity 8 --script smtp-commands.nse smtp.gmail.com Starting Nmap 6.47 (http://nmap.org ) at 2017-10-23 16:49 UTC Nmap scan report for smtp.gmail.com (74.125.136.108) Host is up (0.012s latency). Other addresses for smtp.gmail.com (not scanned): 74.125.136.109 PORT STATE SERVICE VERSION 465/tcp open ssl/smtp Google gsmtp | smtp-commands: smtp.gmail.com at your service, [73.237.100.36], SIZE 35882577, 8BITMIME, AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH, ENHANCEDSTATUSCODES, PIPELINING, CHUNKING, SMTPUTF8, |_ 2.0.0https://www.google.com/search?btnI&q=RFC+5321 j14sm454180ywg.74 - gsmtp 587/tcp open smtp Google gsmtp | smtp-commands: smtp.gmail.com at your service, [73.237.100.36], SIZE 35882577, 8BITMIME, STARTTLS, ENHANCEDSTATUSCODES, PIPELINING, CHUNKING, SMTPUTF8, |_ 2.0.0https://www.google.com/search?btnI&q=RFC+5321 b129sm3894212ywe.99 - gsmtp Service Info: Host: smtp.gmail.com Service detection performed. Please report any incorrect results athttp://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 19.84 seconds -- Patrick
_______________________________________________Sent through the dev mailing listhttps://nmap.org/mailman/listinfo/devArchived athttp://seclists.org/nmap-dev/
Current thread:
- How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Ben Stover via dev (Oct 20)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Jasey DePriest (Oct 21)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Watson, Patrick (Oct 23)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Dave Horsfall (Oct 29)
- <Possible follow-ups>
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Ben Stover via dev (Oct 25)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Watson, Patrick (Oct 26)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Jasey DePriest (Oct 26)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Watson, Patrick (Oct 26)
- Re: How to find out if SMTP mailserver supports STARTTLS or (only) SSL/TLS ?Jasey DePriest (Oct 21)