IMAP POP3

• Internet Message Access Protocol (IMAP), access to emails from a mail server is possible.
• client server model
• allows sync of local email client and mail server
• allows online management of emails directly on the server and supports folder structures.
• Unlike the Post Office Protocol (POP3) which allows listing, retrieving, and deleting emails
• POP3 uses -> PORT 110 | PORT 995
• IMAP uses -> PORT 143 | PORT 993 and text based ASCII commz
• Access to mailbox only after successful auth
• many commands can be sent and responses can be directed based on the identifier.
• SMTP is usually used to send emails. By copying sent emails into an IMAP folder, all clients have access to all sent mails, regardless of the computer from which they were sent.
• IMAP is unencrypted and we must establish encryption.

---

Default Config:

• dovecot has core settings and service config
• 
• IMAP cheat sheet
• ADVANCED IMAP
• 
• Use lower case retr, rset

---

Dangerous Settings

• debugging commands, anonymous login.
• mostly companies use GMAIL or OUTLOOK providers but some maintain their own email servers for privacy
• Dangerous settings:
• 

---

Commands:

• use nmap to run scripts
• Login into the mail server if we have user creds
• curl -k 'imaps://10.129.14.128' --user user:p4ssw0rd -v
• curl -k 'pop3s://10.129.14.128' --user user:p4ssw0rd -v
• curl -k 'imap://10.129.14.128' --user user:p4ssw0rd -v
• curl -k 'pop3://10.129.14.128' --user user:p4ssw0rd -v
• allows you to read the emails.
• Access without TLS
• telnet 10.129.203.12 143 - connect to IMAP
• telnet 10.129.203.12 110 - connect to POP3
• Access using TLS
• openssl s_client -connect 10.129.14.128:pop3s
• openssl s_client -connect 10.129.14.128:imaps
• When USING OPENSSL,
• USE LOWER CASE retr