All Courses
Login / Sign up
Get started

By signing up, you agree to our Terms of Use and Privacy Policy.
Reset your password
Enter your email and we'll send you instructions on how to reset your password.

SMTP Enumeration

The Simple Mail Transport Protocol is used to send email messages as opposed to POP3 or IMAP which can be used to both send and receive messages. SMTP relies on using Mail Exchange (MX) servers to direct the mail to via the Domain Name Service, however, should an MX server not be detected, SMTP will revert and try an A or alternatively SRV records. SMTP generally runs on port 25.

SMTP enumeration allows us to determine valid users on the SMTP server. This is done with the help built-in SMTP commands, they are

  • VRFY - This command is used for validating users.

  • EXPN - This command tells the actual delivery address of aliases and mailing lists.

  • RCPT TO - It defines the recipients of the message.

Tool:

NestScanTools Pro

Countermeasures: 

  • Configure SMTP server either to ignore email messages to unknown recipients.

  • Don’t include information like mail relay systems being used, Internal IP address or host information.

  • Disable open relay feature.


0 Comments

Add Comment

Subject to Moderate