Collaborate Disseminate
Whenever I open my email client (Thunderbird), I see some junk mails that have the timestamp of the exact moment, when my client downloaded them via IMAP. So emails with the exact same timestamp of just now. I doubt I received the emails j… Continue reading How do junk/spam mails get the "current" timestamp applied?
I have a Gmail account that uses POP to download emails from a GWS (Google Workspace) inbox, effectively another Gmail account.
In order for this to work, I had to turn on LSA (Less Secure App) for that GWS account.
Now Google is ending L… Continue reading Googles shutting down LSA and its effect on Gmail IMAP/POP [migrated]
an attacker manipulated the IBAN of an invoice.pdf attached to a received email. The question remains, can said attacker manipulate/change such a pdf client-side and cause an IMAP synchronization with the webmailer provided by a hoster?
I … Continue reading Is it possible for an attacker to change an email-attachment of a received email client-side and synchronize it via IMAP with Webmailer?
I am trying to set up an email server using postfix, dovecot and roundcube, I am following the official documentation. I have set up separate servers for intranet and internet emails as well as set up TLS (for internet), clamav and spamass… Continue reading What can be practical vulnerabilities in an email setup? [closed]
I encountered an open TCP/143 IMAP port which responded with this banner:
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ STARTTLS AUTH=PLAIN AUTH=LOGIN AUTH=DIGEST-MD5 AUTH=CRAM-MD5] Dovecot ready.
From this I … Continue reading What does the IMAP banner alone show regarding security (STARTTLS, hashing, information disclosure)?
As an experiment, I attempted to setup a CNAME for mail.mydomain.com pointing to mail.myisp.com, and using mail.mydomain.com instead of mail.myisp.com in setting up email clients connecting to that using TLS (aka SSL) for IMAP/POP/SMTP
One… Continue reading CNAME redirection and certificate
I agree that – as always – having two protocols available potentially offers a greater attack surface than either of them. I know Active Sync allows to enforce organisational admin capabilities to wipe mobile devices, which may help for se… Continue reading Genuine security of IMAP vs Exchange Active Sync mail access
Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online. Continue reading Gift Card Gang Extracts Cash From 100k Inboxes Daily
I need to send and check email (via IMAP email servers) from my web app. Storing credentials on server seems like problem as they are almost always plain text.
So if I store them in client browser’s storage how security risk this could be?… Continue reading IMAP credentials in WEB (browser) app – how to use securely
I found apparently successful logins from a foreign ip-address to our cyrus-imap server:
Nov 24 08:16:20 server-1 cyrus/imaps[12101]: starttls: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits new) no authentication
Nov 24 08:16:20 s… Continue reading Strange cyrus/imaps Logins without valid password