> Hint:
> $ openssl s_client -CApath /etc/ssl/certs -crlf \
> -connect smtp.gmail.com:587
> CONNECTED(00000003)
> 28135:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:583:
>
> That's what you get when you try to speak SSL/TLS to a server which
> isn't speaking it in its current state (ie, is waiting for STARTTLS).
>
Yes, I get all that. However, I think it would be possible in principal
(admittedly heuristically) to look at the low-level bytes arriving at
the socket and see if the caller were trying to negotiate SSL with you.
If they didn't, after a small delay, you could assume it was a non-SSL
connection and do whatever was appropriate.
Well, far afield from the usual exim topics....
