IMAP/POP3
IMAP on ports: TCP/143 or TCP/993 | POP3 on ports: TCP/110 and TCP/995
IMAP Commands
Command | Description |
| User's login. |
| Lists all directories. |
| Creates a mailbox with a specified name. |
| Deletes a mailbox. |
| Renames a mailbox. |
| Returns a subset of names from the set of names that the User has declared as being |
| Selects a mailbox so that messages in the mailbox can be accessed. |
| Exits the selected mailbox. |
| Retrieves data associated with a message in the mailbox. |
| Removes all messages with the |
| Closes the connection with the IMAP server. |
1 FETCH 1:* full
to get most information
1 FETCH 1:* BODY[TEXT]
to get the text in the body
POP3 Commands
Command | Description |
| Identifies the user. |
| Authentication of the user using its password. |
| Requests the number of saved emails from the server. |
| Requests from the server the number and size of all emails. |
| Requests the server to deliver the requested email by ID. |
| Requests the server to delete the requested email by ID. |
| Requests the server to display the server capabilities. |
| Requests the server to reset the transmitted information. |
| Closes the connection with the POP3 server. |
Dangerous Configuration settings
Setting | Description |
| Enables all authentication debug logging. |
| This setting adjusts log verbosity, the submitted passwords, and the scheme gets logged. |
| Logs unsuccessful authentication attempts and their reasons. |
| Passwords used for authentication are logged and can also be truncated. |
| This specifies the username to be used when logging in with the ANONYMOUS SASL mechanism. |
Tools
nmap with default scripts
curl curl -k 'imaps://<IP>' --user user:p4ssw0rd
OpenSSL for encrypted interactions:
openssl s_client -connect 10.129.14.128:pop3s
openssl s_client -connect 10.129.14.128:imaps
Last updated