How SMTP Connection Testing Works
The SMTP Connection Tester evaluates mail server accessibility by attempting to establish TCP connections on the three standard SMTP ports: port 25 (server-to-server relay), port 465 (implicit TLS/SSL), and port 587 (message submission with STARTTLS). For each port, the tool records whether the connection succeeds or times out, captures the SMTP banner message that the server sends upon connection, and then performs an EHLO handshake to discover the server's supported extensions and capabilities. The EHLO response reveals critical information including supported authentication mechanisms (LOGIN, PLAIN, CRAM-MD5, XOAUTH2), maximum message size limits, pipelining support, and whether the server advertises STARTTLS for encryption upgrades.
When STARTTLS or implicit TLS is available, the tool initiates a TLS handshake and inspects the server's SSL/TLS certificate. It reports the certificate issuer, subject, expiration date, protocol version (TLS 1.2, TLS 1.3), and cipher suite in use. Expired, self-signed, or hostname-mismatched certificates are flagged as security warnings. The tool also measures connection latency for each port, providing insight into server responsiveness. If the server implements connection-level protections like rate limiting or IP-based access control, the tool reports the specific error codes returned. This comprehensive port-by-port analysis gives you a complete picture of how the mail server behaves from the perspective of an external sender attempting to deliver or submit email.
When to Use This Tool
- Verifying mail server configuration after setup or migration — After deploying a new mail server or migrating to a new hosting provider, test that all required SMTP ports are open, TLS is properly configured, and the server responds with correct banners and capabilities.
- Troubleshooting email delivery failures — When emails to a specific domain bounce with connection errors, use this tool to check whether the recipient's mail server is reachable on port 25 and whether TLS negotiation succeeds, which helps determine if the problem is on the recipient's side.
- Auditing TLS and security configuration — Verify that your mail server supports modern TLS versions, uses a valid non-expired certificate, and does not fall back to unencrypted connections. Many compliance frameworks and email providers now require TLS support for email transmission.
- Testing firewall and network rules — After changing firewall configurations, cloud security groups, or network ACLs, confirm that SMTP traffic is flowing correctly on the expected ports and that no legitimate SMTP connections are being blocked by overly restrictive rules.
Understanding Your Results
The results are organized by port, with each port showing its connection status, response time, and server details. Port 25 is used for server-to-server mail delivery and must be open for your domain to receive email from other mail servers on the internet. If port 25 is closed or filtered, external servers cannot deliver mail to your domain. Port 587 is the standard submission port used by email clients (Outlook, Thunderbird, mobile apps) to send outgoing mail through your server. It typically requires authentication and STARTTLS encryption. Port 465 provides implicit TLS, where the entire connection is encrypted from the start without a STARTTLS upgrade step.
The TLS details section is particularly important for security assessment. A server that does not support TLS on any port transmits email credentials and message content in plain text, which is a significant security risk. The certificate information tells you whether the certificate is valid, matches the server hostname, and has not expired. An expired certificate will cause many sending servers to refuse delivery or downgrade to unencrypted transmission. The server capabilities listed in the EHLO response tell you what features the server supports. Look for 8BITMIME (proper handling of international characters), SIZE (maximum message size accepted), and PIPELINING (improved performance for bulk delivery). If the server advertises no authentication mechanisms on port 587, it may be misconfigured as an open relay, which is a serious security issue that will quickly lead to blacklisting.
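One way to apply the EHLO checks described above, as an added example (not the tool's own code): it parses a multiline EHLO reply and flags the submission-port issues this page mentions. The sample replies, the `example.test` hostname and the function names are constructed for illustration; the audit compares the EHLO before and after STARTTLS because many servers advertise AUTH only once the session is encrypted.

```python
import re

# Constructed sample EHLO replies for a port 587 session (not from a real server).
PRE_TLS = ("250-mail.example.test\r\n250-SIZE 52428800\r\n"
           "250-PIPELINING\r\n250-8BITMIME\r\n250 STARTTLS\r\n")
POST_TLS = ("250-mail.example.test\r\n250-SIZE 52428800\r\n"
            "250-AUTH PLAIN LOGIN XOAUTH2\r\n250 8BITMIME\r\n")
CLEARTEXT_AUTH = "250-mail.example.test\r\n250-AUTH=LOGIN PLAIN\r\n250 SIZE\r\n"

def parse_ehlo(reply):
    """Parse a multiline 250 reply into {KEYWORD: [parameters]}."""
    lines = reply.splitlines()
    caps = {}
    for i, line in enumerate(lines):
        m = re.fullmatch(r"250([- ])(.*)", line)
        if not m:
            raise ValueError(f"not a 250 reply line: {line!r}")
        # "250-" marks a continuation line, "250 " the final line.
        if (m.group(1) == " ") != (i == len(lines) - 1):
            raise ValueError("continuation marker in the wrong place")
        if i == 0:
            continue  # first line names the server, it is not an extension
        # Normalise the legacy "AUTH=LOGIN PLAIN" spelling some servers emit.
        words = re.sub(r"^(?i:auth)=", "AUTH ", m.group(2)).split()
        if words:
            caps.setdefault(words[0].upper(), []).extend(w.upper() for w in words[1:])
    return caps

def audit_submission(pre_tls, post_tls=None):
    """Return findings for a submission port from EHLO before/after STARTTLS."""
    pre = parse_ehlo(pre_tls)
    findings = []
    if "STARTTLS" not in pre:
        findings.append("no STARTTLS offered")
    # PLAIN and LOGIN send the password itself, so they need an encrypted channel.
    weak = sorted(set(pre.get("AUTH", [])) & {"PLAIN", "LOGIN"})
    if weak:
        findings.append("cleartext-capable AUTH before TLS: " + ",".join(weak))
    if post_tls is not None and not parse_ehlo(post_tls).get("AUTH"):
        findings.append("no AUTH advertised after TLS")
    return findings
```

An empty list from `audit_submission(PRE_TLS, POST_TLS)` means the server offers STARTTLS, withholds password mechanisms until the session is encrypted, and advertises AUTH afterwards.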