SMTP (25-465-587)

Simple Mail Transfer Protocol.

Protocol Information

SMTP is a communication protocol used for the transmission of electronic mail. SMTP is often combined with the IMAP or POP3 protocols for email management.

Client (MUA) ➞ Submission Agent (MSA) ➞ Open Relay (MTA) ➞ Mail Delivery Agent (MDA) ➞ Mailbox (POP3/IMAP)

Port

  • 25 TCP: SMTP (unencrypted)
  • 465 TCP: SMTP (encrypted)
  • 587 TCP: SMTP (encrypted)

Config File

  • /etc/postfix/main.cf

Interact

telnet <IP> <PORT>
nc <IP> <PORT>

Commands and Response.

Example
telnet <IP> <PORT>
> HELO mail1.inlanefreight.htb   # or EHLO inlanefreight.htb
> AUTH PLAIN 
> <OUTPUT>  # echo -ne '\0mail1.inlanefreight.htb\0<PASSWORD>' | base64
> MAIL FROM: <cry0l1t3@inlanefreight.htb>
> RCPT TO: <mrb3n@inlanefreight.htb> NOTIFY=success,failure
> DATA
> SUBJECT: Test message
>                        # an empty line separates the headers from the body
> <MESSAGE>
> .
> QUIT

Attacks

User Discovery

The VRFY command asks the server to check whether a particular user exists and return the answer. The EXPN command is used with a mailing list and lists all users on that list. The RCPT TO command identifies the recipient of the e-mail message; it can be repeated several times, and the server's reply to each attempt shows which users are valid.

Tools
Details

smtp-user-enum -M [VRFY,EXPN,RCPT] -U <WORDLIST> -t <IP> [-D <DOMAIN> for RCPT]

Open Relay

An open relay is a mail server configured so that anyone, including unauthorized users, can send email through it, with no authentication control or access limitation. In other words, it is an “open” mail server that agrees to forward email from external sources to recipients outside its domain. This configuration is very problematic because it exposes the server to abuse, particularly by spammers and malicious attackers (phishing). They can exploit the open relay to send huge amounts of unwanted email, hiding their identities and making the mail traffic appear to come from the exploited server.

Check if it is an Open Relay

NMAP NSE: smtp-open-relay
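
A configuration-side check for the two weaknesses above (VRFY user discovery and open relay), as an added example that is not part of the original page: it parses the text of /etc/postfix/main.cf and flags a mynetworks value that trusts every client while permit_mynetworks is in effect, and a VRFY command left enabled. The sample configurations are constructed and the function names are hypothetical.

```python
import ipaddress

# Documented Postfix default (2.10 and later) when the parameter is not set.
DEFAULT_RELAY = "permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination"

def parse_main_cf(text):
    """Parse main.cf text into a dict; a later setting overrides an earlier one."""
    params, name = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                           # blank line or comment
        if raw[0].isspace() and name:          # leading whitespace continues the value
            params[name] += " " + raw.strip()
        elif "=" in raw:
            name, value = raw.split("=", 1)
            name = name.strip()
            params[name] = value.strip()
    return params

def tokens(value):
    """Split a comma- or whitespace-separated parameter value."""
    return value.replace(",", " ").split()

def audit(text):
    """Return findings for open-relay and user-discovery settings."""
    params, findings, trusts_all = parse_main_cf(text), [], []
    for entry in tokens(params.get("mynetworks", "")):
        try:
            net = ipaddress.ip_network(entry.replace("[", "").replace("]", ""), strict=False)
        except ValueError:
            continue                           # lookup tables (hash:/...) are not evaluated
        if net.prefixlen == 0:                 # 0.0.0.0/0 or ::/0 covers every client
            trusts_all.append(entry)
    restrictions = tokens(params.get("smtpd_relay_restrictions", DEFAULT_RELAY))
    restrictions += tokens(params.get("smtpd_recipient_restrictions", ""))
    if trusts_all and "permit_mynetworks" in restrictions:
        findings.append(f"open relay: mynetworks trusts every client ({', '.join(trusts_all)})")
    if params.get("disable_vrfy_command", "no").lower() != "yes":
        findings.append("user discovery: VRFY is enabled (set disable_vrfy_command = yes)")
    return findings

# Constructed sample configurations, not taken from a real server.
WEAK = "# constructed sample\nmynetworks = 0.0.0.0/0\nsmtpd_relay_restrictions = permit_mynetworks,\n    reject_unauth_destination\n"
HARDENED = ("mynetworks = 127.0.0.0/8 [::1]/128\ndisable_vrfy_command = yes\n"
            "smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,\n"
            "    reject_unauth_destination\n")

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(cfg) or "no findings")
```

Setting disable_vrfy_command = yes only closes the VRFY path; the RCPT TO replies described under User Discovery have to be handled separately.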

Sending emails without authentication

swaks --from notifications@inlanefreight.com --to employees@inlanefreight.com --header 'Subject: Company Notification' --body 'Hi All, we want to hear from you! Please complete the following survey. http://mycustomphishinglink.com/' --server <IP>
