Adjust manual Thunderbird EHLO test for StartTLS
Currently, test instructions reads:
* Also check that the EHLO/HELO SMTP message is not leaking anything at the application level: 1. Start Claws using the panel icon. 2. Disable SSL/TLS for SMTP in Claws (so take precautions for not leaking your password in plaintext by either changing it temporarily or using a disposable account). I don't find a provider that allows that... 3. Run `sudo tcpdump -n -i lo -w dump` to capture the packets before Tor encrypts it, then close tcpdump 4. Check the dump for the HELO/EHLO message and verify that it only contains `localhost`: `tcpdump -A -r dump`
But we have no test infrastructure to acces an SMTP server which allows unencrypted login. It seems last testers thus looked at the 1st EHLO, before the STARTTLS command.
However, the RFC reads (https://www.ietf.org/rfc/rfc2487.txt):
5.2 Result of the STARTTLS Command Upon completion of the TLS handshake, the SMTP protocol is reset to the initial state (the state in SMTP after a server issues a 220 service ready greeting). The server MUST discard any knowledge obtained from the client, such as the argument to the EHLO command, which was not obtained from the TLS negotiation itself. The client MUST discard any knowledge obtained from the server, such as the list of SMTP service extensions, which was not obtained from the TLS negotiation itself. The client SHOULD send an EHLO command as the first command after a successful TLS negotiation.
We are thus not checking the right EHLO.