SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving e-mail. However, since it is limited in its ability to queue messages at the receiving end, it is usually used with one of two other protocols, POP3 or IMAP, that let the user save messages in a server mailbox and download them periodically from the server.
In other words, users typically use a program that uses SMTP for sending e-mail and either POP3 or IMAP for receiving e-mail. On Unix-based systems, sendmail is the most widely-used SMTP server for e-mail. A commercial package, Sendmail, includes a POP3 server. Microsoft Exchange includes an SMTP server and can also be set up to include POP3 support.
Default ports: 25, 465 (SSL), 587 (SSL)
Banner Grabbing/Basic connection
nc -vn <IP> 25
openssl s_client -crlf -connect smtp.mailgun.org:465 #SSL/TLS without starttls command
openssl s_client -starttls smtp -crlf -connect smtp.mailgun.org:587
Finding MX servers of an organisation
dig +short mx google.com
SMTP username enum (smtp-user-enum)
smtp-user-enum -M VRFY -U /usr/share/seclists/Usernames/Names/names.txt -t 10.10.10.17
nmap --script smtp-enum-users 10.10.10.51 -p25
nmap -p25 --script smtp-commands 10.10.10.10
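From the defender's side, the EHLO reply that the smtp-commands script prints can be audited for the settings that make the enumeration above possible. The Python below is an added example, not part of the original page; the sample reply, the hostname and the function names are constructed, and it judges only what the server advertises, not how it actually answers VRFY.

```python
import re

# Constructed EHLO reply in RFC 5321 multi-line form ("250-" continues, "250 " ends).
SAMPLE_EHLO = (
    "250-mail.example.test Hello\r\n"
    "250-SIZE 10240000\r\n"
    "250-VRFY\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 8BITMIME\r\n"
)

REPLY_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")

def parse_reply(raw):
    """Return (code, [text lines]) for one SMTP reply; reject malformed input."""
    code, lines = None, []
    rows = raw.splitlines()
    for i, row in enumerate(rows):
        m = REPLY_LINE.match(row)
        if not m:
            raise ValueError(f"not an SMTP reply line: {row!r}")
        if code is not None and m.group(1) != code:
            raise ValueError("reply code changed mid-reply")
        code = m.group(1)
        lines.append(m.group(3) or "")
        # Only the final line may lack the "-" continuation marker.
        if (m.group(2) != "-") != (i == len(rows) - 1):
            raise ValueError("continuation marker out of place")
    if code is None:
        raise ValueError("empty reply")
    return int(code), lines

def audit_ehlo(raw, tls_active=False):
    """List hardening findings for the extensions a server advertises."""
    code, lines = parse_reply(raw)
    if code != 250:
        raise ValueError(f"EHLO refused with {code}")
    # The first line is the greeting; each later line is KEYWORD [params].
    ext = {l.split()[0].upper(): l.split()[1:] for l in lines[1:] if l.strip()}
    findings = []
    for verb in ("VRFY", "EXPN"):
        if verb in ext:
            findings.append(f"{verb} advertised: allows address enumeration")
    if not tls_active and "STARTTLS" not in ext:
        findings.append("STARTTLS not offered on a cleartext session")
    if not tls_active and "AUTH" in ext:
        findings.append("AUTH " + " ".join(ext["AUTH"]) + " offered before TLS")
    return findings
```

Pass tls_active=True when the reply was captured inside an openssl s_client session, so that the cleartext-only checks are skipped.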
Telnet SMTP – send mail
telnet 10.10.10.17 110 #110 is POP3 (reading mail); SMTP itself listens on 25
#read message number
#To send email using SMTP for LFI /var/mail/ValidUserHere
Subject: email title
<your LFI code here>
<new blank line>
Send Email from linux console
root@kali:~# sendEmail -t firstname.lastname@example.org -f email@example.com -s 192.168.8.131 -u "Important Upgrade Instructions" -a /tmp/BestComputers-UpgradeInstructions.pdf
Reading message body from STDIN because the '-m' option was not used.
If you are manually typing in a message:
  - First line must be received within 60 seconds.
  - End manual input with a CTRL-D on its own line.
We are sending this important file to all our customers. It contains very important instructions for upgrading and securing your software. Please read and let us know if you have any problems.