Adjust manual Thunderbird EHLO test for StartTLS
Originally created by @alant on #9382 (Redmine)
Currently, test instructions reads:
* Also check that the EHLO/HELO SMTP message is not leaking anything
at the application level:
1. Start Claws using the panel icon.
2. Disable SSL/TLS for SMTP in Claws (so take precautions for not
leaking your password in plaintext by either changing it
temporarily or using a disposable account). I don't find a provider that allows that...
3. Run `sudo tcpdump -n -i lo -w dump` to capture the packets before
Tor encrypts it, then close tcpdump
4. Check the dump for the HELO/EHLO message and
verify that it only contains `localhost`: `tcpdump -A -r dump`
But we have no test infrastructure to acces an SMTP server which allows unencrypted login. It seems last testers thus looked at the 1st EHLO, before the STARTTLS command.
However, the RFC reads (https://www.ietf.org/rfc/rfc2487.txt):
5.2 Result of the STARTTLS Command
Upon completion of the TLS handshake, the SMTP protocol is reset to
the initial state (the state in SMTP after a server issues a 220
service ready greeting). The server MUST discard any knowledge
obtained from the client, such as the argument to the EHLO command,
which was not obtained from the TLS negotiation itself. The client
MUST discard any knowledge obtained from the server, such as the list
of SMTP service extensions, which was not obtained from the TLS
negotiation itself. The client SHOULD send an EHLO command as the
first command after a successful TLS negotiation.
We are thus not checking the right EHLO.