[Owasp-delhi] MAIL SERVER TESTING
s.parmendra at gmail.com
Wed Dec 16 06:14:47 EST 2009
Thanks for the comments.
but what i was asking is there any specific "methodology/Guideline/How
to" to test such issues.
On Wed, Dec 16, 2009 at 4:35 PM, Soi, Dhruv <dhruv.soi at torridnetworks.com>wrote:
> Apart from standard assessment of mail server to check for
> vulnerabilities in the SMTP/POP3/IMAP/OS software there are few mail server
> specific test like open relay, mail spoofing, usage of plain text protocols,
> user harvesting VRFY (SMTP command), Brute Force Prevention to
> POP3/SMTP/webmail, Malware Evasion, SPAM Tests, Information Leakage in
> bounced messages, webmail security, password policies etc.
> Hope Helpful.
> *From:* owasp-delhi-bounces at lists.owasp.org [mailto:
> owasp-delhi-bounces at lists.owasp.org] *On Behalf Of *Parmendra Sharma
> *Sent:* Wednesday, December 16, 2009 4:24 PM
> *To:* owasp-delhi at lists.owasp.org
> *Subject:* [Owasp-delhi] MAIL SERVER TESTING
> Hello All,
> Can anyone share details (How to perform vapt, any guideline, any
> methodology) regarding the vulnerability asssessment and pen test process
> for a MAIL SERVER.
> Thanks and Regards:
> Parmendra Sharma
> Computer Security Analyst
Thanks and Regards:
Computer Security Analyst
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-delhi