Tutorial - Testing Mail Protocols with SSL/TLS

Testing Script (Python)

Because I am lazy and syntax is my biggest weakness, I write scripts so I don’t have to remember stuff.

Most of the manual learnings of this guide I have put into a Python script, which you can find here: https://github.com/ahaw021/SSL-MAIL-PROTOCOLS-TESTING

Let’s run the same 3 tests as above and see what the script tells us.

SMTP GMAIL on PORT 25:

The first message is the banner from the server.

The second message is the response to the STARTTLS command (not all servers have the same response).

The third is the peer certificate returned (this is to test self-signed certs).

The fourth is the domains in the certificate (check for hostname errors etc.).

The fifth is the cipher suite (so we can see what cipher the server chose).

The next bits are an attempt to log in using the protocol's defined methods. NOTE: each protocol varies, which is why the encoded strings etc. are printed out.

NOTE ALSO: the script uses changeme@gmail.com and changeme as defaults. If you want to use it, change these, but DO NOT post the output of the last bits.

POP GMAIL on PORT 995:

IMAP GMAIL on PORT 993:

As you can see, the way these protocols authenticate is very different; however, the certificates and handshakes are the same.

I have updated the code to include the connection information
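
The five SMTP checks listed above (banner, STARTTLS reply, peer certificate, certificate domains, cipher suite), written out as an added example that is not taken from the linked script. The function names and the EHLO name client.example.com are assumptions, and it stops before the login step, so no credentials are sent.

```python
import socket
import ssl

def parse_reply(raw):
    """Split an SMTP reply (possibly multi-line) into (code, [text, ...])."""
    lines = raw.decode("ascii", "replace").splitlines()
    if not lines:
        raise ConnectionError("server closed the connection without replying")
    return int(lines[-1][:3]), [line[4:] for line in lines]

def cert_domains(cert):
    """DNS names from a getpeercert() dict: SAN entries, else the subject CN."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:
        names = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return names

def read_reply(sock):
    """Read until the final reply line ('250 ...' rather than '250-...')."""
    buf = b""
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            return buf
        buf += chunk
        last = buf.rstrip(b"\r\n").split(b"\r\n")[-1]
        if buf.endswith(b"\r\n") and last[3:4] != b"-":
            return buf

def probe_smtp_starttls(host, port=25, helo="client.example.com"):
    """Banner, STARTTLS reply, certificate names and cipher from a live server."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    with socket.create_connection((host, port), timeout=10) as raw:
        result = {"banner": parse_reply(read_reply(raw))}
        raw.sendall(f"EHLO {helo}\r\n".encode("ascii"))
        read_reply(raw)  # capability list, not needed here
        raw.sendall(b"STARTTLS\r\n")
        result["starttls"] = parse_reply(read_reply(raw))
        if result["starttls"][0] != 220:
            return result  # server declined to upgrade; nothing was encrypted
        try:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                result["domains"] = cert_domains(tls.getpeercert())
                result["cipher"] = tls.cipher()
        except ssl.SSLCertVerificationError as err:
            # Self-signed, expired or wrong-hostname certificates land here.
            result["verify_error"] = err.verify_message
        return result
```

POP on 995 and IMAP on 993 wrap the socket before any protocol traffic, so only the certificate and cipher parts carry over to those ports.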
