Premium Resources
Free Resources
SMTP Enumeration
The Simple Mail Transport Protocol is used to send email messages as opposed to POP3 or IMAP which can be used to both send and receive messages. SMTP relies on using Mail Exchange (MX) servers to direct the mail to via the Domain Name Service, however, should an MX server not be detected, SMTP will revert and try an A or alternatively SRV records. SMTP generally runs on port 25.
SMTP enumeration allows us to determine valid users on the SMTP server. This is done with the help built-in SMTP commands, they are
-
VRFY - This command is used for validating users.
-
EXPN - This command tells the actual delivery address of aliases and mailing lists.
-
RCPT TO - It defines the recipients of the message.
Tool:
NestScanTools Pro
Countermeasures:
-
Configure SMTP server either to ignore email messages to unknown recipients.
-
Don’t include information like mail relay systems being used, Internal IP address or host information.
-
Disable open relay feature.