SMTP(25/465(enc)/587(newer))
About
Often used with IMAP/POP3 which we will discuss later and provide the full image of the mail transferring action.
SMTP also prevents spam with its authentication mechanisms through supported the extension ESMTP and SMTP-Auth.
Not encrypted mainly, but can use SSL/TLS encryption on port 465 by ESTMP which uses TLS after the EHLO command.
Without diving into IMAP/POP3 to get the full image of how the mailing process works, here's how smtp is used in general:
Uses DKIM+SPF to prevent spam and the SMTP relays attacks.
Config
Enumeration
AUTH PLAIN
AUTH is a service extension used to authenticate the client.
HELO
The client logs in with its computer name and thus starts the session.
MAIL FROM
The client names the email sender.
RCPT TO
The client names the email recipient.
DATA
The client initiates the transmission of the email.
RSET
The client aborts the initiated transmission but keeps the connection between client and server.
VRFY
The client checks if a mailbox is available for message transfer.
EXPN
The client also checks if a mailbox is available for messaging with this command.
NOOP
The client requests a response from the server to prevent disconnection due to time-out.
QUIT
The client terminates the session.
Interaction
Telnet + HELO/EHLO
Telnet + VRFY
The VRFY command, like any other command uses pre-configured commands. Therefore the false positives are so common especially using VRFY. Here's how:
Nmap
Last updated