Description
- Internet Message Access Protocol (IMAP) allows you to read emails using email service / remote server
- Post Office Protocol (POP3) downloads email and stores it on client’s device, it is then deleted from the server
- SMTP is used to send emails and clients have access to emails when the sent emails are in IMAP folder
- IMAP is unencrypted but SSL/TLS can be used
Port
- Establishes connection on port 143 and 993 (encrypted connection)
- POP3 uses port 110 and 995 (encrypted connection)
Interaction / Commands
| Protocol | Command | Description |
|---|---|---|
| IMAP | 1 LOGIN username password | logging in |
| IMAP | 1 LIST "" ** | listing directories |
| IMAP | 1 CREATE “INBOX” | creating mailbox |
| IMAP | 1 DELETE “INBOX” | deleting mailbox |
| IMAP | 1 RENAME “ToRead” “Important” | renaming mailbox |
| IMAP | 1 LSUB "" ** | active or subscribed names |
| IMAP | 1 SELECT INBOX | selecting mailbox |
| IMAP | 1 UNSELECT INBOX | exiting selected mailbox |
| IMAP | 1 FETCH | retrieving data from message in mailbox |
| IMAP | 1 CLOSE | removing messages with Deleted flag |
| IMAP | 1 LOGOUT | logging out |
| POP3 | USER username | identifies user |
| POP3 | PASS password | authenticates user |
| POP3 | STAT | retrieving number saved emails |
| POP3 | LIST | retrieving number and size emails |
| POP3 | RETR id | deliver email |
| POP3 | DELE id | delete email |
| POP3 | CAPA | display capabilities of server |
| POP3 | RSET | reset transmitted information |
| POP3 | QUIT | closes connection |
Logging in using cURL
curl -k 'imaps://IP_Address' --user user:password
cURL
Stands for client URL and is used to transfer data to and from a server
Interacting with IMAP or POP3 server over SSL
openssl s_client -connect IP_Adress:pop3s
openssl s_client -connect IP_Adress:imaps
Footprinting
sudo nmap IP_Address -sV -p110, 143, 993, 995