This happened way too often, so I'll write it down as a quick reminder:
Openssl in s_client mode will renegotiate a connection whenever a line starts with the letter R
- which is an especially bad choice when you're using it to connect to an smtp server.
~# openssl s_client -host smtp.hushmail.com -port 465
CONNECTED(00000003)
[certificate..]
---
220 smtp.hushmail.com ESMTP Postfix
HELO checko
250 smtp.hushmail.com
MAIL FROM: supergeek@uberfreak.net
250 2.1.0 Ok
RCPT TO: lostgeek@hushmail.com
RENEGOTIATING
depth=2 /C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority
verify error:num=19:self signed certificate in certificate chain
verify return:0
So every time you try to enter RCPT the connection will be renegotiated, rendering it useless for sending mail
- as a sidenote Q should also be avoided..
Since I always look it up, here it is once and for all:
openssl s_client -ign_eof -crlf -host $host -port $port