Soi, Dhruv dhruv.soi at torridnetworks.com
Wed Dec 16 06:05:25 EST 2009

Apart from standard assessment of mail server to check for vulnerabilities in the SMTP/POP3/IMAP/OS software there are few mail server specific test like open relay, mail spoofing, usage of plain text protocols, user harvesting VRFY (SMTP command), Brute Force Prevention to POP3/SMTP/webmail, Malware Evasion, SPAM Tests, Information Leakage in bounced messages, webmail security, password policies etc.


Hope Helpful.


From: owasp-delhi-bounces at lists.owasp.org [mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of Parmendra Sharma
Sent: Wednesday, December 16, 2009 4:24 PM
To: owasp-delhi at lists.owasp.org
Subject: [Owasp-delhi] MAIL SERVER TESTING


Hello All,


Can anyone share details (How to perform vapt, any guideline, any methodology) regarding the vulnerability asssessment and pen test process for a MAIL SERVER.

Thanks and Regards:

Parmendra Sharma
Computer Security Analyst

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20091216/c4b89257/attachment.html 

More information about the Owasp-delhi mailing list