Chapter 9. Assessing Mail Services
Mail services relay messages across both the Internet and private networks. Adversaries often use the channels formed by mail protocols to target internal systems. This chapter details the tactics you can adopt to identify flaws in available mail services—including service identification, enumeration of enabled options, and testing for known weaknesses.
Mail Protocols
Table 9-1 lists mail services supporting mail delivery (via SMTP) and collection (via POP3 and IMAP). TLS is often used to provide transport security.
| Port | Protocol | TLS | Name | Description | Hydra | |
|---|---|---|---|---|---|---|
| TCP | UDP | |||||
| 25 |
● |
– | – | smtp | Simple Mail Transfer Protocol |
● |
| 465 |
● |
– |
● |
smtps | ||
| 587 |
● |
– | – | submission | ||
| 110 |
● |
– | – | pop3 | Post Office Protocol |
● |
| 995 |
● |
– |
● |
pop3s | ||
| 143 |
● |
– | – | imap2 | Internet Message Access Protocol |
● |
| 993 |
● |
– |
● |
imaps | ||
SMTP
SMTP servers (known as message transfer agents or MTAs) transport email using software packages such as Sendmail and Microsoft Exchange. Figure 9-1 demonstrates a typical configuration, in which content filtering mechanisms are used to scrub email.
Figure 9-1. SMTP servers processing Internet-based mail
In this case, inbound mail is first sent to a managed security service provider (MSSP) to quarantine malware, spam, and other threats. The MSSP relays processed mail to the organization’s ...
Get Network Security Assessment, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
