MAIL-05 / DIAGNOSTICS
STARTTLS Checker
Confirm whether a mail server offers STARTTLS, the mechanism that upgrades an SMTP connection to an encrypted one so mail isn't sent in the clear.
About the STARTTLS Checker
STARTTLS upgrades a plain SMTP connection to an encrypted one, keeping email private in transit. A mail server that doesn't offer it may be sending and receiving mail in the clear. This tool checks whether a server advertises STARTTLS support.
What this tool checks
It connects to the mail server, issues EHLO, and checks whether STARTTLS appears in the advertised capabilities.
Why STARTTLS matters
Without STARTTLS, mail between servers can travel unencrypted and be read or modified in transit. Nearly all reputable mail servers support it today.
Frequently asked questions
What is STARTTLS?
STARTTLS is an SMTP command that upgrades an existing plaintext connection to an encrypted TLS connection, protecting email in transit between mail servers.
Is STARTTLS the same as SSL/TLS?
It achieves TLS encryption but starts from a plaintext connection and upgrades it. Implicit TLS (port 465) encrypts from the very first byte instead.
What if a server doesn't support STARTTLS?
Mail to or from it may be unencrypted and exposed. Enable STARTTLS in your mail server configuration; every modern mail server supports it.