in reply to STARTTLS Failure

Works using openSSL cmd

250 HELP
ehlo
250-cp15m2.lowesthosting.com Hello [72.168.128.19]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250 HELP
AUTH PLAIN d2VibWFzdGxxxxxxxxbS51cwB3ZWJtYXN0ZXJAYndtamNtLnVzAHdtQDQwO +TEzV00=
235 Authentication succeeded

Re^2: STARTTLS Failure
by Anonymous Monk on May 04, 2018 at 15:46 UTC

    First of all, you might want to completely edit out what looks right now like a slightly damaged but partially decodable login-password pair, in case you didn't do that already.

    Secondly, when you're using openssl, you are already establishing a TLS connection (so no STARTTLS command is required), but when doing STARTTLS in Perl by hand (like you seem to be trying to), after receiving 220 TLS go ahead you should immediately send a TLS Client Hello, establish a TLS connection and send EHLO abc.us over that. Judging by your code,

        socket_write("STARTTLS$CRLF") || return fail("send STARTTLS failed (lost connection?)");
        socket_read() || return fail(" $server_reply");
        socket_write("EHLO $smtp$CRLF") || return fail("send EHLO error (lost connection?)");

    you are trying to authenticate in plain text, not over TLS (thus defeating the purpose of the command). Since the server expects a TLS handshake and not an EHLO, it bails.

    Suggested solution: start right away with TLS. This way, you won't have to create a TLS object over an existing TCP connection, thus slightly breaking encapsulation in your application architecture, and bad guys sitting between you and the server and doing a MITM attack won't be able to impersonate the server at all (like they can before you enter STARTTLS).

      Thanks

      chunks removed and some replaced with xxxxx
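
Added example, not part of the original thread or the poster's code: a small Python check that walks an SMTP dialogue and flags the ordering mistake described in the reply above (a plaintext command sent after 220, where the server expects the TLS handshake), plus AUTH sent outside TLS or without a fresh EHLO inside it. The host names, the ("C"/"S"/"TLS", line) transcript format and the sample dialogues are constructed for illustration.

```python
# Constructed sample dialogues (not captured traffic). Each entry is (who, line):
# "C" = client, "S" = server, "TLS" = TLS handshake completed at this point.
HEAD = [("S", "220 mail.example.test ESMTP"), ("C", "EHLO client.example.test"),
        ("S", "250-mail.example.test Hello"), ("S", "250-STARTTLS"), ("S", "250 HELP"),
        ("C", "STARTTLS"), ("S", "220 TLS go ahead")]
BROKEN = HEAD + [("C", "EHLO client.example.test")]          # order from the thread
GOOD = HEAD + [("TLS", ""), ("C", "EHLO client.example.test"),
               ("S", "250 AUTH PLAIN LOGIN"), ("C", "AUTH PLAIN <redacted>")]
STALE = HEAD + [("TLS", ""), ("C", "AUTH PLAIN <redacted>")]  # no EHLO after TLS
CLEAR = HEAD[:1] + [("C", "EHLO client.example.test"), ("S", "250 AUTH PLAIN LOGIN"),
                    ("C", "AUTH PLAIN <redacted>")]           # STARTTLS never offered


def audit(transcript):
    """Return (index, finding) pairs for STARTTLS ordering mistakes."""
    state = "plain"           # plain -> pending (220 to STARTTLS seen) -> tls
    awaiting_reply = False    # STARTTLS sent, final reply not yet read
    ehlo_over_tls = False     # capabilities re-read inside the TLS session
    findings = []
    for i, (who, line) in enumerate(transcript):
        if who == "TLS":
            state = "tls"
        elif who == "S":
            if awaiting_reply and line[3:4] != "-":   # skip 250- continuation lines
                awaiting_reply = False
                if line.startswith("220"):
                    state = "pending"
        else:
            verb = line.split(" ", 1)[0].upper()
            if state == "pending":
                findings.append((i, f"{verb} sent in clear after 220; TLS handshake expected"))
            elif verb == "AUTH" and state == "plain":
                findings.append((i, "AUTH sent without TLS"))
            elif verb == "AUTH" and not ehlo_over_tls:
                # Capabilities learned before TLS are unauthenticated; re-issue EHLO first.
                findings.append((i, "AUTH without EHLO after TLS"))
            elif verb == "STARTTLS" and state == "plain":
                awaiting_reply = True
            elif verb in ("EHLO", "HELO") and state == "tls":
                ehlo_over_tls = True
    return findings


if __name__ == "__main__":
    for name, t in [("broken", BROKEN), ("good", GOOD), ("stale", STALE), ("clear", CLEAR)]:
        print(name, audit(t))
```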