[Owasp-delhi] MAIL SERVER TESTING
dhruv.soi at torridnetworks.com
Wed Dec 16 06:05:25 EST 2009
Apart from standard assessment of mail server to check for vulnerabilities in the SMTP/POP3/IMAP/OS software there are few mail server specific test like open relay, mail spoofing, usage of plain text protocols, user harvesting VRFY (SMTP command), Brute Force Prevention to POP3/SMTP/webmail, Malware Evasion, SPAM Tests, Information Leakage in bounced messages, webmail security, password policies etc.
From: owasp-delhi-bounces at lists.owasp.org [mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of Parmendra Sharma
Sent: Wednesday, December 16, 2009 4:24 PM
To: owasp-delhi at lists.owasp.org
Subject: [Owasp-delhi] MAIL SERVER TESTING
Can anyone share details (How to perform vapt, any guideline, any methodology) regarding the vulnerability asssessment and pen test process for a MAIL SERVER.
Thanks and Regards:
Computer Security Analyst
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-delhi