Mail Server Test
About the Mail Server Test
The Mail Server Test checks whether a mail server is reachable and correctly configured to accept email, including its support for STARTTLS encryption. SMTP, the protocol that moves email between servers, normally runs on port 25, with submission on 587 and implicit TLS on 465. This tool connects to the target server, reads the greeting banner, issues the EHLO command, and inspects which capabilities the server advertises, giving you a clear picture of whether the server is alive and willing to talk.
STARTTLS is the mechanism that upgrades an initially plaintext SMTP session to an encrypted one, protecting message contents and credentials in transit. The test verifies that the server advertises STARTTLS in its EHLO response and that the upgrade actually succeeds. A server missing STARTTLS support transmits mail in cleartext, which is a privacy and compliance concern. The tool also surfaces the server's announced capabilities, such as supported authentication methods and maximum message size, which help diagnose configuration issues.
Common use cases include validating a newly configured mail server before going live, troubleshooting why outbound or inbound mail is failing, and confirming that encryption is properly enabled after a certificate renewal. Administrators use it to verify that a hosting provider's mail endpoint responds correctly, and to catch the dangerous misconfiguration of an open relay that would accept and forward mail for anyone. It is also handy for confirming that a firewall is not silently blocking SMTP ports.
For a complete email health review, combine the Mail Server Test with a Blacklist Check to confirm the sending IP has a clean reputation, an SSL Certificate Checker to inspect the validity and expiry of the TLS certificate the server presents, and SPF, DKIM, and DMARC record checks to ensure your domain's authentication records align with the server's behavior. A Port Scanner can also confirm which mail-related ports are open before you run the deeper protocol test.
Frequently asked questions
- What does STARTTLS do and why does it matter?
- STARTTLS upgrades an initially unencrypted SMTP connection to an encrypted TLS session. It protects message contents and login credentials from being intercepted in transit. A server without STARTTLS sends mail in cleartext, which is a privacy and compliance risk.
- Which port should my mail server be tested on?
- Port 25 is used for server-to-server mail relay, port 587 for authenticated client submission, and port 465 for implicit TLS submission. The right port depends on the role; relay testing typically targets 25 while client submission testing targets 587.
- What is an open relay and why is it dangerous?
- An open relay is a mail server that accepts and forwards email from any sender to any recipient without authentication. Spammers exploit open relays to send bulk mail, which quickly gets the server's IP blacklisted and can implicate the operator in abuse.
- The server connects but STARTTLS fails. What does that indicate?
- It usually points to a TLS configuration problem, such as an expired or mismatched certificate, an unsupported protocol version, or an incomplete certificate chain. Inspecting the presented certificate with an SSL checker is the next step to identify the exact cause.
Check SPF, DKIM, DMARC, and DNSSEC records
Validate email format and check MX records
Check if IP is on spam blacklists
Get location info for IP address
Get domain registration information
Check domain registration date and age