diff --git a/client-simulation-data.sh b/client-simulation-data.sh
index 96d816e..6185436 100644
--- a/client-simulation-data.sh
+++ b/client-simulation-data.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # This file contains client handshake data used in the run_client_simulation function
-# Don't update this file by hand, but run util/parse_client_ciphers.pl instead
+# Don't update this file by hand, but run util/update_client_sim_data.pl instead
 
 # --- Qualys SSL Labs --- From: https://api.dev.ssllabs.com/api/v3/getClients ---
 names+=("Android 2.3.7                 ")
@@ -14,7 +14,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -32,7 +32,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -50,7 +50,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -68,7 +68,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -86,7 +86,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -104,7 +104,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -122,7 +122,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -140,7 +140,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -158,7 +158,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -176,7 +176,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -194,7 +194,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -212,7 +212,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -230,7 +230,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -248,7 +248,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_2")
 tlsvers+=("-tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0302")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -266,7 +266,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_2")
 tlsvers+=("-tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0302")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -284,7 +284,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_2")
 tlsvers+=("-tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0302")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -302,7 +302,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -320,7 +320,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -338,7 +338,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -356,7 +356,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -374,7 +374,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -392,7 +392,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -410,7 +410,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -428,7 +428,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -446,7 +446,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -464,7 +464,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -482,7 +482,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -500,7 +500,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -518,7 +518,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -536,7 +536,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -554,7 +554,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -572,7 +572,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -590,7 +590,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -608,7 +608,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -626,7 +626,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -644,7 +644,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -662,7 +662,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -680,7 +680,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -698,7 +698,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -716,7 +716,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -734,7 +734,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -752,7 +752,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -770,7 +770,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -788,7 +788,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -806,7 +806,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -824,7 +824,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -842,7 +842,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -860,7 +860,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -878,7 +878,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -896,7 +896,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -914,7 +914,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -932,7 +932,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1023)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -950,7 +950,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1023)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -968,7 +968,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1023)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -986,7 +986,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1023)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1004,7 +1004,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1023)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1022,7 +1022,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1023)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1040,7 +1040,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1058,7 +1058,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1076,7 +1076,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1094,7 +1094,7 @@ protos+=("-ssl2 -ssl3 -no_tls1 -no_tls1_1 -no_tls1_2")
 tlsvers+=("")
 lowest_protocol+=("0x0200")
 highest_protocol+=("0x0300")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1112,7 +1112,7 @@ protos+=("-ssl2 -ssl3 -no_tls1 -no_tls1_1 -no_tls1_2")
 tlsvers+=("")
 lowest_protocol+=("0x0200")
 highest_protocol+=("0x0300")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1130,7 +1130,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1148,7 +1148,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1166,7 +1166,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1184,7 +1184,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1202,7 +1202,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1220,7 +1220,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1238,7 +1238,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(4096)
 minRsaBits+=(-1)
@@ -1256,7 +1256,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1274,7 +1274,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1292,7 +1292,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(4096)
 minRsaBits+=(-1)
@@ -1310,7 +1310,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1328,7 +1328,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1346,7 +1346,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1364,7 +1364,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1382,7 +1382,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(4096)
 minRsaBits+=(-1)
@@ -1400,7 +1400,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1418,7 +1418,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1436,7 +1436,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1454,7 +1454,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(4096)
 minRsaBits+=(-1)
@@ -1472,7 +1472,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(4096)
 minRsaBits+=(-1)
@@ -1490,7 +1490,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(4096)
 minRsaBits+=(-1)
@@ -1508,7 +1508,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(1024)
 maxDhBits+=(4096)
 minRsaBits+=(-1)
@@ -1670,7 +1670,7 @@ protos+=("-no_ssl2 -no_ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1688,7 +1688,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_2")
 tlsvers+=("-tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0302")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1706,7 +1706,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_2")
 tlsvers+=("-tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0302")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1724,7 +1724,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1742,7 +1742,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1760,7 +1760,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1778,7 +1778,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1796,7 +1796,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1814,7 +1814,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1832,7 +1832,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1850,7 +1850,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1868,7 +1868,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(768)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1886,7 +1886,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(768)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1904,7 +1904,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(768)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1922,7 +1922,7 @@ protos+=("-no_ssl2 -no_ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0301")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(768)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1958,7 +1958,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1976,7 +1976,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -1994,7 +1994,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -2012,7 +2012,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -2030,7 +2030,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1 -no_tls1_1 -no_tls1_2")
 tlsvers+=("")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0300")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -2048,7 +2048,7 @@ protos+=("-no_ssl2 -ssl3 -no_tls1_1 -no_tls1_2")
 tlsvers+=("-tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0301")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -2066,7 +2066,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -2084,7 +2084,7 @@ protos+=("-no_ssl2 -ssl3")
 tlsvers+=("-tls1_2 -tls1_1 -tls1")
 lowest_protocol+=("0x0300")
 highest_protocol+=("0x0303")
-service+=("HTTP")
+service+=("HTTP,FTP")
 minDhBits+=(-1)
 maxDhBits+=(-1)
 minRsaBits+=(-1)
@@ -2094,14 +2094,38 @@ requiresSha2+=(false)
 
 # --- testssl.sh maintained clients ---
 	     
-#names+=("Mail iOS 9.3.2                ")
-#short+=("mail_ios_932")
-#ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
-#sni+=("$SNI")
-#warning+=("")
-#handshakebytes+=("16030100bb010000b703015767e6ae46f9abf3138e26a9f9880f9697bf3387f7eff709db1fa220e692d80420fb04b0979bae1664e11ef172d4dfba15af59dd200b7831992a35c73cde9efed9003200ffc024c023c00ac009c008c028c027c014c013c012006b0067003900330016003d003c0035002f000ac007c011000500040100003c000000190017000014696d61702e73656374696f6e7a65726f2e6f7267000a00080006001700180019000b0002010000050005010000000000120000")
-#protos+=("-no_ssl2 -ssl3")
-#tlsvers+=("-tls_1_2 -tls_1_1 -tls1")
-#lowest_protocol+=("0x0300")
-#highest_protocol+=("0x0304")
-#service+=("SMTP,POP,IMAP")
+names+=("Mail iOS 9.3.2                ")
+short+=("mail_ios_932")
+ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
+sni+=("$SNI")
+warning+=("")
+handshakebytes+=("16030100bb010000b703015767e6ae46f9abf3138e26a9f9880f9697bf3387f7eff709db1fa220e692d80420fb04b0979bae1664e11ef172d4dfba15af59dd200b7831992a35c73cde9efed9003200ffc024c023c00ac009c008c028c027c014c013c012006b0067003900330016003d003c0035002f000ac007c011000500040100003c000000190017000014696d61702e73656374696f6e7a65726f2e6f7267000a00080006001700180019000b0002010000050005010000000000120000")
+protos+=("-no_ssl2 -ssl3")
+tlsvers+=("-tls1")
+lowest_protocol+=("0x0300")
+highest_protocol+=("0x0301")
+service+=("SMTP,POP,IMAP")
+minDhBits+=(-1)
+maxDhBits+=(-1)
+minRsaBits+=(-1)
+maxRsaBits+=(-1)
+minEcdsaBits+=(-1)
+requiresSha2+=(false)
+
+names+=("Mail OSX 10.11.15             ")
+short+=("mail_osx_101115")
+ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
+sni+=("$SNI")
+warning+=("")
+handshakebytes+=("16030100940100009003015770e928499e82df2eb7477200e2a828d9fa4109514385bd1602df44aaf2b0f400003200ffc024c023c00ac009c008c028c027c014c013c012006b0067003900330016003d003c0035002f000ac007c011000500040100003500000012001000000d3137382e3233372e33342e3932000a00080006001700180019000b0002010000050005010000000000120000")
+protos+=("-no_ssl2 -no_ssl3")
+tlsvers+=("-tls1")
+lowest_protocol+=("0x0301")
+highest_protocol+=("0x0301")
+service+=("SMTP,POP,IMAP")
+minDhBits+=(-1)
+maxDhBits+=(-1)
+minRsaBits+=(-1)
+maxRsaBits+=(-1)
+minEcdsaBits+=(-1)
+requiresSha2+=(false)
diff --git a/testssl.sh b/testssl.sh
index 519baea..3440a74 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -2009,14 +2009,23 @@ run_client_simulation() {
      local i=0
      local name tls proto cipher
      local using_sockets=true
+     local client_service
 
-     if $SSL_NATIVE || [[ -n "$STARTTLS" ]] || ! $EXPERIMENTAL; then
+     if [[ $SSL_NATIVE || ! $EXPERIMENTAL ]]; then
           using_sockets=false
      fi
 
-     # doesn't make sense for other services
-     if [[ $SERVICE != "HTTP" ]];  then
-          return 0
+     # That service should clients support for simulation?
+     if [[ "$SERVICE" != "" ]]; then
+          client_service="$SERVICE"
+     else
+          # Can we take the service from STARTTLS?
+          if [[ -n "$STARTTLS_PROTOCOL" ]]; then
+               client_service=$(toupper "${STARTTLS_PROTOCOL%s}")    # strip trailing 's' in ftp(s), smtp(s), pop3(s), etc
+          else
+               echo "Could not determine which protocol was started, only simulating generic clients."
+               client_service="undetermined"
+          fi
      fi
 
      # Get handshakes from external file
@@ -2028,68 +2037,71 @@ run_client_simulation() {
 
      debugme outln
      for name in "${short[@]}"; do
-          #FIXME: printf formatting would look better, especially if we want a wide option here
-          out " ${names[i]}   "
-          if $using_sockets && [[ -n "${handshakebytes[i]}" ]]; then
-               client_simulation_sockets "${handshakebytes[i]}"
-               sclient_success=$?
-               if [[ $sclient_success -eq 0 ]]; then
-                    if [[ "0x${DETECTED_TLS_VERSION}" -lt ${lowest_protocol[i]} ]] || \
-                       [[ "0x${DETECTED_TLS_VERSION}" -gt ${highest_protocol[i]} ]]; then
-                         sclient_success=1
-                    fi
-                    [[ $sclient_success -eq 0 ]] && cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE >$ERRFILE
-               fi
-          else
-               $OPENSSL s_client -cipher ${ciphers[i]} ${protos[i]} ${tlsvers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null >$TMPFILE 2>$ERRFILE
-               debugme echo "$OPENSSL s_client -cipher ${ciphers[i]} ${protos[i]} ${tlsvers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null"
-               sclient_connect_successful $? $TMPFILE
-               sclient_success=$?
-          fi
-          if [[ $sclient_success -ne 0 ]]; then
-               outln "No connection"
-               fileout "client_${short[i]}" "INFO" "$(strip_spaces "${names[i]}") client simulation: No connection"
-          else
-               #FIXME: awk
-               proto=$(grep -aw "Protocol" $TMPFILE | sed -e 's/^.*Protocol.*://' -e 's/ //g')
-               [[ "$proto" == TLSv1 ]] && proto="TLSv1.0"
-               if [[ "$proto" == TLSv1.2 ]] && ( ! $using_sockets || [[ -z "${handshakebytes[i]}" ]] ); then
-                    # OpenSSL reports TLS1.2 even if the connection is TLS1.1 or TLS1.0. Need to figure out which one it is...
-                    for tls in ${tlsvers[i]}; do
-                         $OPENSSL s_client $tls -no_ssl2 -no_ssl3 -cipher ${ciphers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null >$TMPFILE 2>$ERRFILE
-                         debugme echo "$OPENSSL s_client $tls -no_ssl2 -no_ssl3 -cipher ${ciphers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null"
-                         sclient_connect_successful $? $TMPFILE
-                         sclient_success=$?
-                         if [[ $sclient_success -eq 0 ]]; then
-                              case "$tls" in
-                                   "-tls1_2")
-                                        proto="TLSv1.2"
-                                        break
-                                        ;;
-                                   "-tls1_1")
-                                        proto="TLSv1.1"
-                                        break
-                                        ;;
-                                   "-tls1")
-                                        proto="TLSv1.0"
-                                        break
-                                        ;;
-                              esac
+          # Make sure we run client simulations for those clients that support it
+          if [[ `echo "${service[i]}" | grep "$client_service" | wc -l` -eq 1 || "${service[i]}" == "ANY" ]]; then
+               #FIXME: printf formatting would look better, especially if we want a wide option here
+               out " ${names[i]}   "
+               if $using_sockets && [[ -n "${handshakebytes[i]}" ]]; then
+                    client_simulation_sockets "${handshakebytes[i]}"
+                    sclient_success=$?
+                    if [[ $sclient_success -eq 0 ]]; then
+                         if [[ "0x${DETECTED_TLS_VERSION}" -lt ${lowest_protocol[i]} ]] || \
+                            [[ "0x${DETECTED_TLS_VERSION}" -gt ${highest_protocol[i]} ]]; then
+                              sclient_success=1
                          fi
-                    done
+                         [[ $sclient_success -eq 0 ]] && cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE >$ERRFILE
+                    fi
+               else
+                    $OPENSSL s_client -cipher ${ciphers[i]} ${protos[i]} ${tlsvers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null >$TMPFILE 2>$ERRFILE
+                    debugme echo "$OPENSSL s_client -cipher ${ciphers[i]} ${protos[i]} ${tlsvers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null"
+                    sclient_connect_successful $? $TMPFILE
+                    sclient_success=$?
                fi
-               #FiXME: awk
-               cipher=$(grep -wa Cipher $TMPFILE | egrep -avw "New|is" | sed -e 's/ //g' -e 's/^Cipher://')
-               $using_sockets && [[ -n "${handshakebytes[i]}" ]] && [[ -n "$MAPPING_FILE_RFC" ]] && cipher="$(rfc2openssl "$cipher")"
-               outln "$proto $cipher"
-               if [[ -n "${warning[i]}" ]]; then
-                    out "                            "
-                    outln "${warning[i]}"
+               if [[ $sclient_success -ne 0 ]]; then
+                    outln "No connection"
+                    fileout "client_${short[i]}" "INFO" "$(strip_spaces "${names[i]}") client simulation: No connection"
+               else
+                    #FIXME: awk
+                    proto=$(grep -aw "Protocol" $TMPFILE | sed -e 's/^.*Protocol.*://' -e 's/ //g')
+                    [[ "$proto" == TLSv1 ]] && proto="TLSv1.0"
+                    if [[ "$proto" == TLSv1.2 ]] && ( ! $using_sockets || [[ -z "${handshakebytes[i]}" ]] ); then
+                         # OpenSSL reports TLS1.2 even if the connection is TLS1.1 or TLS1.0. Need to figure out which one it is...
+                         for tls in ${tlsvers[i]}; do
+                              $OPENSSL s_client $tls -no_ssl2 -no_ssl3 -cipher ${ciphers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null >$TMPFILE 2>$ERRFILE
+                              debugme echo "$OPENSSL s_client $tls -no_ssl2 -no_ssl3 -cipher ${ciphers[i]} $STARTTLS $BUGS $PROXY -connect $NODEIP:$PORT ${sni[i]}  </dev/null"
+                              sclient_connect_successful $? $TMPFILE
+                              sclient_success=$?
+                              if [[ $sclient_success -eq 0 ]]; then
+                                   case "$tls" in
+                                        "-tls1_2")
+                                             proto="TLSv1.2"
+                                             break
+                                             ;;
+                                        "-tls1_1")
+                                             proto="TLSv1.1"
+                                             break
+                                             ;;
+                                        "-tls1")
+                                             proto="TLSv1.0"
+                                             break
+                                             ;;
+                                   esac
+                              fi
+                         done
+                    fi
+                    #FiXME: awk
+                    cipher=$(grep -wa Cipher $TMPFILE | egrep -avw "New|is" | sed -e 's/ //g' -e 's/^Cipher://')
+                    $using_sockets && [[ -n "${handshakebytes[i]}" ]] && [[ -n "$MAPPING_FILE_RFC" ]] && cipher="$(rfc2openssl "$cipher")"
+                    outln "$proto $cipher"
+                    if [[ -n "${warning[i]}" ]]; then
+                         out "                            "
+                         outln "${warning[i]}"
+                    fi
+                    fileout "client_${short[i]}" "INFO" \
+                         "$(strip_spaces "${names[i]}") client simulation:  $proto $cipher   ${warning[i]}"
+                    debugme cat $TMPFILE
                fi
-               fileout "client_${short[i]}" "INFO" \
-                    "$(strip_spaces "${names[i]}") client simulation:  $proto $cipher   ${warning[i]}"
-               debugme cat $TMPFILE
-          fi
+          fi # correct service?
           i=$((i+1))
      done
      tmpfile_handle $FUNCNAME.txt
diff --git a/utils/parse_client_ciphers.pl b/utils/update_client_sim_data.pl
similarity index 62%
rename from utils/parse_client_ciphers.pl
rename to utils/update_client_sim_data.pl
index 3892e46..12b1dc0 100755
--- a/utils/parse_client_ciphers.pl
+++ b/utils/update_client_sim_data.pl
@@ -25,7 +25,7 @@ open OUT, ">client-simulation-data.sh" or die "Unable to open client-simulation-
 print OUT "#!/bin/bash
 
 # This file contains client handshake data used in the run_client_simulation function
-# Don't update this file by hand, but run util/parse_client_ciphers.pl instead
+# Don't update this file by hand, but run util/update_client_sim_data.pl instead
 
 # --- Qualys SSL Labs --- From: https://api.dev.ssllabs.com/api/v3/getClients ---
 ";
@@ -122,9 +122,12 @@ foreach my $client ( @$ssllabs ) {
 	if ( lc($client->{name}) eq "java" || lc($client->{name}) eq "openssl" ) {
 		# Java and OpenSSL are generic clients
 		print OUT "service+=(\"ANY\")\n";		
-	} else {
-		# All others are HTTP(s) only
+	} elsif ( $shortname =~ /^apple_ats/ ) { 
+		# Apple ATS is HTTP(s) only
 		print OUT "service+=(\"HTTP\")\n";
+	} else {
+		# All others are HTTP(s)/FTP only
+		print OUT "service+=(\"HTTP,FTP\")\n";
 	}
 
 	# Bit size limitations
@@ -145,17 +148,41 @@ foreach my $client ( @$ssllabs ) {
 print OUT 
 '# --- testssl.sh maintained clients ---
 	     
-#names+=("Mail iOS 9.3.2                ")
-#short+=("mail_ios_932")
-#ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
-#sni+=("$SNI")
-#warning+=("")
-#handshakebytes+=("16030100bb010000b703015767e6ae46f9abf3138e26a9f9880f9697bf3387f7eff709db1fa220e692d80420fb04b0979bae1664e11ef172d4dfba15af59dd200b7831992a35c73cde9efed9003200ffc024c023c00ac009c008c028c027c014c013c012006b0067003900330016003d003c0035002f000ac007c011000500040100003c000000190017000014696d61702e73656374696f6e7a65726f2e6f7267000a00080006001700180019000b0002010000050005010000000000120000")
-#protos+=("-no_ssl2 -ssl3")
-#tlsvers+=("-tls_1_2 -tls_1_1 -tls1")
-#lowest_protocol+=("0x0300")
-#highest_protocol+=("0x0304")
-#service+=("SMTP,POP,IMAP")
+names+=("Mail iOS 9.3.2                ")
+short+=("mail_ios_932")
+ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
+sni+=("$SNI")
+warning+=("")
+handshakebytes+=("16030100bb010000b703015767e6ae46f9abf3138e26a9f9880f9697bf3387f7eff709db1fa220e692d80420fb04b0979bae1664e11ef172d4dfba15af59dd200b7831992a35c73cde9efed9003200ffc024c023c00ac009c008c028c027c014c013c012006b0067003900330016003d003c0035002f000ac007c011000500040100003c000000190017000014696d61702e73656374696f6e7a65726f2e6f7267000a00080006001700180019000b0002010000050005010000000000120000")
+protos+=("-no_ssl2 -ssl3")
+tlsvers+=("-tls1")
+lowest_protocol+=("0x0300")
+highest_protocol+=("0x0301")
+service+=("SMTP,POP,IMAP")
+minDhBits+=(-1)
+maxDhBits+=(-1)
+minRsaBits+=(-1)
+maxRsaBits+=(-1)
+minEcdsaBits+=(-1)
+requiresSha2+=(false)
+
+names+=("Mail OSX 10.11.15             ")
+short+=("mail_osx_101115")
+ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
+sni+=("$SNI")
+warning+=("")
+handshakebytes+=("16030100940100009003015770e928499e82df2eb7477200e2a828d9fa4109514385bd1602df44aaf2b0f400003200ffc024c023c00ac009c008c028c027c014c013c012006b0067003900330016003d003c0035002f000ac007c011000500040100003500000012001000000d3137382e3233372e33342e3932000a00080006001700180019000b0002010000050005010000000000120000")
+protos+=("-no_ssl2 -no_ssl3")
+tlsvers+=("-tls1")
+lowest_protocol+=("0x0301")
+highest_protocol+=("0x0301")
+service+=("SMTP,POP,IMAP")
+minDhBits+=(-1)
+maxDhBits+=(-1)
+minRsaBits+=(-1)
+maxRsaBits+=(-1)
+minEcdsaBits+=(-1)
+requiresSha2+=(false)
 ';
 
 exit;