(143,993)IMAP/POP3(110,995)

Intro

  • IMAP: Keeps emails on the server, allows access from multiple devices, and synchronizes changes across all devices. All through port 143 and port 993 for SSL/TLS connections.

  • POP3: Downloads emails to a local device, typically deletes them from the server, and is designed for single-device access without synchronization. All through 110 and port 995 for encrypted conns.

While both protocols are used to retrieve messages from a mail server, there's significant differences in terms of functionality and use cases.

IMAP ( Ports 143)
POP3

Server-Based: IMAP stores the emails on the mail server for the users to access and manage their emails.

Client-Based: POP3 downloads emails from the mail server to the local device.

Synchronization: Changes made on one device are reflected on all others.

Single Device: Emails are generally stored on a single device, making it difficult to access the same messages from multiple devices.

Hierarchical structure: Users can create, rename, or delete email folders directly on the server.

No Synchronization: Changes made to emails on one device are not reflected on other devices because emails are stored locally.

Knowing the SMTP protocol already discussed here, here's a representation of the full image:

Drawing
SMTP+IMAP/POP3 protocols.

Config

Footprinting

Interaction

IMAP

COMMAND

DESCRIPTION

1 LOGIN username password

User's login.

1 LIST "" *

Lists all directories.

1 CREATE "INBOX"

Creates a mailbox with a specified name.

1 DELETE "INBOX"

Deletes a mailbox.

1 RENAME "ToRead" "Important"

Renames a mailbox.

1 LSUB "" *

Returns a subset of names from the set of names that the User has declared as being active or subscribed.

1 SELECT INBOX

Selects a mailbox so that messages in the mailbox can be accessed.

1 UNSELECT INBOX

Exits the selected mailbox.

1 FETCH <ID> all

Retrieves data associated with a message in the mailbox.

1 CLOSE

Removes all messages with the Deleted flag set.

1 LOGOUT

Closes the connection with the IMAP server.

POP3

COMMAND

DESCRIPTION

USER username

Identifies the user.

PASS password

Authentication of the user using its password.

STAT

Requests the number of saved emails from the server.

LIST

Requests from the server the number and size of all emails.

RETR id

Requests the server to deliver the requested email by ID.

DELE id

Requests the server to delete the requested email by ID.

CAPA

Requests the server to display the server capabilities.

RSET

Requests the server to reset the transmitted information.

QUIT

Closes the connection with the POP3 server.

Nmap

$ sudo nmap 10.10.10.10 -sV -p110,143,993,995 -sC

Obtained Credentials

For unencrypted connection

$ curl -k 'imaps://10.10.10.10' --user user:password
$ curl -k 'imaps://10.10.10.10' --user user:password -v

For encrypted connection

$ openssl s_client -connect 10.10.10.10:pop3s
$ openssl s_client -connect 10.10.10.10:imaps
PreviousDNSNext(161 UDP)SNMP

Last updated