CyberSecC@ptBlackb3ard
  • 🦜Welcome
  • Cyber Security
    • Offensive Security
      • Penetration Testing Methodology
      • Pre-Engagement Interaction
      • Reconnaissance (Information Gathering)
        • Open-Source Intelligence (OSINT)
      • Scanning and Enumeration
        • Domain Enumeration
        • Network Enumeration
          • Network Mapper (nmap)
          • Port/Protocol & Service Enumeration & Attack
            • File Transfer Protocol (FTP): 20, 21
              • Trivial File Transfer Protocol (TFTP): 69
              • FTP over SSL/TLS (FTPS): 989, 990
            • Secure Shell (SSH): 22
            • Telnet: 23
            • Simple Mail Transfer Protocol (SMTP): 25
              • SMTP Secure (SMTPS): 587
            • Domain Name System (DNS):53
            • Dynamic Host Configuration Protocol (DHCP): 67, 68
            • Hyper Text Transfer Protocol (HTTP): 80
              • HTTP over SSL/TLS (HTTPS): 443
            • Kerberos: 88
            • Post Office Protocol version 3 (POP3): 110
            • Network Time Protocol (NTP): 123
            • Remote Procedure Call (RPC): 135
            • NetBIOS: 137, 138, 139
            • Internet Message Access Protocol (IMAP): 143
            • IMAP over SSL/TLS: 933
            • Internet Relay Chat (IRC): 194
            • Light Weight Directory Access Protocol (LDAP): 389
              • LDAP over SSL/TLS (LDAPS): 636
            • Server Message Block (SMB): 445
              • Hostname
              • Shared Folders
            • Network File System (NFS): 2049
            • Microsoft SQL Server: 1433
            • MySQL Server: 3306
            • PostgreSQL Server: 5432
            • Remote Desktop Protocol (RDP): 3389
            • Border Gateway Protocol (BGP): 179
            • Remote Authentication Dial-In User Service (RADIUS): 1812, 1813
        • Web Enumeration
      • Security Assessment Report Writing
      • Tools
        • Cryptography & Encoding
          • Password Recovery
        • Network Tools
  • Networking
    • OSI and TCP/IP Model
      • Common Network Ports & Protocols
  • Cloud
    • Cloud Computing
  • General
    • Cyber Security Theory
      • Information Security
      • Cybersecurity Resilience
      • Cybersecurity Posture
    • Terms and Acronyms
    • Database Cheat Sheets
Powered by GitBook
On this page
  1. Cyber Security
  2. Offensive Security
  3. Scanning and Enumeration
  4. Network Enumeration
  5. Port/Protocol & Service Enumeration & Attack
  6. Simple Mail Transfer Protocol (SMTP): 25

SMTP Secure (SMTPS): 587

Security Weaknesses:

  • Misconfigured or weak SSL/TLS versions expose communication to interception.

  • Susceptible to email spoofing and phishing attacks.

  • Lack of SPF, DKIM, and DMARC configurations increases spoofing risks.

Security Defense and Mitigation Measures:

  • Require TLS 1.2 or higher for secure email transmission.

  • Configure SPF, DKIM, and DMARC records to validate email authenticity.

  • Implement email filtering solutions to detect phishing attempts.

  • Regularly update and patch SMTPS servers.

Indicators of Compromise or Attack:

  • Increased delivery failures due to spoofed emails.

  • Unusual outbound email traffic patterns.

  • Repeated login attempts from unknown IPs.

PreviousSimple Mail Transfer Protocol (SMTP): 25NextDomain Name System (DNS):53

Last updated 5 months ago