Chapter 2
If 'allow SSL' is set to OFF, or the mail server does not support the SMTP protocol's
STARTTLS command, the transmission packet is not encrypted.
<STARTTLS command>
STARTTLS is an SMTP command that tells the server that encrypted transmission (SSL/
TLS) is about to start. The command is standardized in RFC2487. Following is an example
of the protocol flow during STARTTLS.
The EHLO response from the client declares that STARTTLS is supported from the server.
When the client generates the STARTTLS command, the operation is reprocessed from the
starts and negotiation is initiated and the packet data are encrypted.
S: 220 mail.imc.org SMTP service ready
C: EHLO mail.example.com
S: 250-mail.imc.org offers a warm hug of welcome
S: 250-8BITMIME
S: 250-STARTTLS : <- Shows that the server supports STARTTLS.
S: 250 DSN
C: STARTTLS : <- Declares to server that SSL/TLS are to be performed.
S: 220 Go ahead
-- All subsequent transmission packets will be encrypted.
C: <starts TLS negotiation>
C&S: <negotiate a TLS session>
C&S: <check result of negotiation>
C: EHLO mail.example.com
S: 250-mail.imc.org touches your hand gently for a moment
S: 250-8BITMIME
S: 250 DSN
<User error>
Related new user errors are #841 and #842.
For details, refer to the section on
Troubleshooting.
2.2.3 Authentication at RX
0008-5787
The username and the password flow by the plaintext in the reception form by past POP3.
And POP3 logs in POP server at a short cycle. Therefore, the password is easily stolen in
2-12