[Owasp-delhi] MAIL SERVER TESTING

Parmendra Sharma s.parmendra at gmail.com
Wed Dec 16 06:14:47 EST 2009


Hi,

Thanks for the comments.

but what i was asking is there any specific "methodology/Guideline/How
to" to test such issues.

On Wed, Dec 16, 2009 at 4:35 PM, Soi, Dhruv <dhruv.soi at torridnetworks.com>wrote:

>  Apart from standard assessment of mail server to check for
> vulnerabilities in the SMTP/POP3/IMAP/OS software there are few mail server
> specific test like open relay, mail spoofing, usage of plain text protocols,
> user harvesting VRFY (SMTP command), Brute Force Prevention to
> POP3/SMTP/webmail, Malware Evasion, SPAM Tests, Information Leakage in
> bounced messages, webmail security, password policies etc.
>
>
>
> Hope Helpful.
>
>
>
> *From:* owasp-delhi-bounces at lists.owasp.org [mailto:
> owasp-delhi-bounces at lists.owasp.org] *On Behalf Of *Parmendra Sharma
> *Sent:* Wednesday, December 16, 2009 4:24 PM
> *To:* owasp-delhi at lists.owasp.org
> *Subject:* [Owasp-delhi] MAIL SERVER TESTING
>
>
>
> Hello All,
>
>
>
> Can anyone share details (How to perform vapt, any guideline, any
> methodology) regarding the vulnerability asssessment and pen test process
> for a MAIL SERVER.
>
> --
> Thanks and Regards:
>
> Parmendra Sharma
> Computer Security Analyst
>



-- 
Thanks and Regards:

Parmendra Sharma
Computer Security Analyst
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20091216/64eded59/attachment-0001.html 


More information about the Owasp-delhi mailing list