I regularly test my remote mail servers (which use postfix - with
dovecot for authentication) to check they are live and functioning,
including that they are responding correctly to authorised login with
STARTTLS.
I currently use this (sorry about line breaks, the original is on one line):
timeout 20 /bin/bash -c "{ time (sleep 2; echo \"EHLO $(hostname
-f)\"; sleep 0.3; echo -n \"AUTH PLAIN \"; printf '%s\0%s\0%s'
\"$USERNAME\" \"$USERNAME\" \"$PASSWORD\"|base64; sleep 0.3; echo
\"QUIT\"; sleep 2; exit) | openssl s_client -connect $MX -starttls
smtp 2>/dev/null >${TMPF}0; } 2>${TMPF}2"
It usually works, but occasionally it gives timeout errors even though
the server is in fact ok. The problem is that the entire one-sided
conversation is piped through to openssl with preset time delays. Is
there a better way to do this (with a shell script) - in particular a
way to await (and check) the expected response from the server before
sending the next command in the sequence?
