Calculator Inputs
Use this to assess SMTP authentication posture, transport protection, credential hygiene, and deployment fit from the settings you plan to use.
Example Data Table
| Server | Port | Encryption | TLS | Auth | Credential | Password Length | MFA | Result Score | Rating |
|---|---|---|---|---|---|---|---|---|---|
| mail.example.com | 587 | STARTTLS | 1.3 | XOAUTH2 | OAuth Token | 20 | Yes | 93 | Excellent |
| relay.office.local | 465 | SMTPS | 1.2 | LOGIN | App Password | 16 | Yes | 79 | Strong |
| legacy.mail.net | 25 | None | 1.0 | PLAIN | Basic Password | 8 | No | 23 | High Risk |
Formula Used
The calculator uses a weighted score out of 100. It is designed to estimate authentication strength and deployment fitness from the configuration values you provide.
Weighting Model
- Transport Score (30): Encryption mode + TLS version + certificate status.
- Auth Score (25): SMTP authentication method + credential type.
- Credential Score (20): Secret length + account type.
- Policy Score (15): MFA + IP allowlisting + relay restriction + account policy bonus.
- Operational Score (10): Port and encryption alignment + timeout + retries.
Higher scores indicate stronger authentication posture, better transport protection, and better operational alignment for authenticated mail use.
How to Use This Calculator
- Enter the SMTP server name for the profile you want to assess.
- Select the port, encryption mode, TLS version, and authentication method.
- Choose the credential type and enter the password or secret length.
- Specify whether MFA, IP allowlisting, and relay restriction are enabled.
- Set account type, certificate status, timeout, and retry values.
- Press Submit to see the assessment result above the form.
- Review the score breakdown, graph, and hardening recommendations.
- Use the CSV or PDF buttons to export the report for documentation.
Notes
FAQs
1. What does this calculator actually test?
It evaluates the security and readiness of your intended SMTP authentication settings. It scores encryption, auth method, credentials, policy controls, and operational fit from the values you enter.
2. Does it connect to an SMTP server?
No. It does not open network connections, send credentials, or attempt remote authentication. It is a local assessment tool for planning, documentation, and configuration review.
3. Why is STARTTLS or SMTPS scored higher?
Protected transport reduces credential exposure and makes interception harder. Secure encryption modes combined with modern TLS versions generally offer better confidentiality and deployment quality.
4. Why is XOAUTH2 usually stronger than basic passwords?
Token-based flows can reduce direct password handling and often fit modern identity controls better. They also align more naturally with MFA, revocation, and managed access policies.
5. What score is considered acceptable?
Many teams would aim for at least the Strong range. That usually means secure transport, modern TLS, non-basic credentials, tighter access controls, and a sensible operational setup.
6. Why does account type matter?
Dedicated service accounts are easier to monitor, rotate, restrict, and document. Personal accounts or loosely shared mailboxes often create weaker accountability and broader operational risk.
7. What does the operational score represent?
It reflects whether the selected port matches the encryption mode and whether timeout and retry settings are reasonable. Good operational choices can improve both reliability and control.
8. Can I use the exported PDF and CSV for audits?
Yes. They are useful for internal reviews, design records, and comparison of planned SMTP profiles. They should be treated as assessment artifacts, not proof of live server behavior.