diff --git a/CHANGELOG b/CHANGELOG
index 09d308708..99e46657b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE][GH#1258] Use smtp.domain script arg or target's domain name instead of
+  "example.com" in EHLO command used for STARTTLS. [gwire]
+
 o [NSE][GH#1233] Fix brute.lua's BruteSocket wrapper, which was crashing Nmap
   with an assertion failure due to socket mixup [Daniel Miller]:
     nmap: nse_nsock.cc:672: int receive_buf(lua_State*, int, lua_KContext): Assertion `lua_gettop(L) == 7' failed.
diff --git a/nselib/sslcert.lua b/nselib/sslcert.lua
index ffd23fea3..a4085b12e 100644
--- a/nselib/sslcert.lua
+++ b/nselib/sslcert.lua
@@ -346,7 +346,7 @@ StartTLS = {
     end
 
     local status
-    status, result = smtp.query(s, "LHLO", "example.com")
+    status, result = smtp.query(s, "LHLO", smtp.get_domain(host))
     if not status then
       stdnse.debug1("LHLO with errors or timeout.  Enable --script-trace to see what is happening.")
       return false, string.format("Failed to LHLO: %s", result)
@@ -468,7 +468,7 @@ StartTLS = {
     end
 
     local status
-    status, result = smtp.ehlo(s, "example.com")
+    status, result = smtp.ehlo(s, smtp.get_domain(host))
     if not status then
       stdnse.debug1("EHLO with errors or timeout.  Enable --script-trace to see what is happening.")
       return false, string.format("Failed to connect to SMTP server: %s", result)