Concepts & troubleshooting

What is an SMTP test? How online SMTP testing works

What an SMTP test does: connect, EHLO, STARTTLS/TLS, AUTH, and an optional test message. Learn what each step proves and why submission success differs from inbox delivery.

5 min read Credentials redacted No signup

An SMTP test opens a TCP connection to a mail server and walks through the Simple Mail Transfer Protocol conversation the same way a real mail client would. It reads the server greeting, sends EHLO to discover capabilities, optionally secures the session with STARTTLS or implicit TLS, authenticates if credentials are supplied, and can submit a real message with MAIL FROM, RCPT TO, and DATA.

Each step proves something specific, and the test isolates exactly where a problem occurs — rather than showing a generic "could not send" error that tells you nothing.

What each step proves

1. Connect and greeting

The client opens a TCP socket to the server's host and port. If the server responds with a 220 greeting (for example 220 smtp.gmail.com ESMTP), you know:

If this step fails (timeout or connection refused), the issue is network-level: wrong host, wrong port, blocked port, or the server is down.

2. EHLO (capabilities)

The client sends EHLO client-hostname and the server responds with a list of extensions it supports:

This tells you what the server can do before you attempt anything further. If a specific AUTH mechanism is missing, you know not to try it.

3. STARTTLS or implicit TLS

If you chose STARTTLS (port 587), the client sends STARTTLS and the server responds 220 Ready to start TLS. Both sides then negotiate a TLS handshake. After that, all further commands (including credentials) are encrypted.

If you chose implicit TLS (port 465), the TLS handshake happens immediately on connect — before any SMTP commands.

A successful TLS negotiation proves:

4. Authentication (AUTH)

The client sends credentials using the negotiated method (PLAIN, LOGIN, or CRAM-MD5). A 235 response means the server accepted the credentials.

This proves your username, password, and auth method are correct for this server. If you get 535 instead, the credentials are wrong — and the transcript shows you that it is specifically auth that failed, not connection or TLS.

5. Message submission (optional)

If handshake-only mode is off, the client sends:

A 250 Ok (often with a queue ID) after the final . means the server accepted the message for delivery processing.

Submission success vs inbox delivery

This is the most important distinction in SMTP testing:

Submission success (250 after DATA) means the server accepted the message into its queue. It agreed to process it.

Inbox delivery is what happens next — the server attempts to deliver the message to the recipient's mailbox. Delivery can still fail after successful submission because of:

To verify end-to-end delivery, send a test to a mailbox you control and check whether it arrives (and where — inbox, spam, or rejected). SMTP Tester confirms submission works; deliverability testing is a separate concern.

When to use an SMTP test

Handshake-only mode

Handshake-only runs connect → EHLO → STARTTLS → AUTH and then closes the session without sending MAIL FROM, RCPT TO, or DATA. This is useful for:

A successful handshake-only test proves the session path works up through authentication. It does not prove the server will relay to external recipients — that requires a full send.

SMTP Tester vs command-line tools

Traditionally, admins debug SMTP with telnet host 25, openssl s_client -starttls smtp, or swaks. SMTP Tester provides the same diagnostic information from a browser:

telnet openssl s_client swaks SMTP Tester
TLS support No Yes Yes Yes
Certificate details No Yes (verbose) No Yes (parsed)
AUTH Manual typing Manual Yes Yes
Credential redaction No No No Yes
Install required Usually pre-installed Yes Yes (Perl) No (browser)
Works behind port 25 blocks No (25 only) Only if you specify another port Yes Yes

SMTP Tester streams the transcript live (the same lines you would see in a terminal session) but adds TLS diagnostics, automatic credential redaction, and works from any device with a browser — including machines where you cannot install software or where outbound port 25 is blocked.

Try it on your own server

Run these settings against your SMTP server and watch the live, credential-redacted protocol transcript.

Open SMTP Tester