You are in: Articles / Security / Mail injection through WebMail applications

Mail injection through WebMail applications

Both of these methods work for any WebMail interface that interacts with the mail server through IMAP and SMTP. If the WebMail interface is built into the server itself, exploiting it would imply knowing beforehand how the information is parsed on the server side. With any IMAP / SMTP session, this information is provided in the RFC of the protocol and can be used as a reference. Thus, exploiting these protocols is not a very complicated task, but depends on the skills and the actual agenda of the attacker.
Rating: 12345
Page 4 of 4
Leave a comment

Note: all fields marked with (*) are required
Comments (0)
Close send to email window

Verification code

Already a member?
Blacklist monitoring alerts
sign up Signup for our real-time monitoring service and receive email notifications each time one of your IPs gets blacklisted.
Free Signup
Mail Server Operating System Poll

What OS do you use for your email server?
disabled next

How many mailboxes do you currently manage?
previous next

Would you like to comment upon the choosing of this particular OS?

DNS Tools
Get IP status, owner and location, obtain its corresponding hostname or check specific ports.
Ping Statistics
Reverse DNS Lookup
Whois Info (IP owner)
GeoIP Information
Check Port
Open Relay Test
Test if your mail server is an open relay for spammers.
Blacklist Checker
Check if your IP is listed in DNS based email blacklists (DNSBL)