a.abhishek:~$

Available

a.abhishek:~$

a.abhishek:~$

a.abhishek:~$ project-detail

SMTP Enumeration Using Nmap

Performed SMTP enumeration using Nmap to identify mail services and gather server information during reconnaissance.

Project Category :

Enumeration

Tech Stacks :

Nmap

SMTP Enum

Read on Github

Overview

Conducted as a personal cybersecurity practice lab to understand SMTP enumeration using Nmap. The lab focused on identifying SMTP services and gathering mail-related information during the reconnaissance phase, providing practical exposure to service enumeration and SMTP security analysis.

Methodology

The following steps were performed during this project:

  1. Opened the Kali Linux terminal.

  2. Verified connectivity with the target system.

  3. Used Nmap to scan for SMTP services.

  4. Performed SMTP enumeration using Nmap NSE scripts.

  5. Analyzed the results obtained from the scan.

  6. Documented the identified SMTP information.

SMTP Enumeration using Nmap

Step 1: Open Terminal

The Linux terminal was opened in the Kali Linux environment.

Step 2: Scan for SMTP Services

The following command was used to identify SMTP services on the target system:

nmap -p 25 --script=smtp-open-relay 10.10.1.19

This command scanned the target for SMTP-related ports.

Step 3: Perform SMTP Enumeration

Nmap NSE scripts were used to enumerate SMTP information:

nmap -p 25 --script=smtp-commands 10.10.1.19

The script attempted to enumerate valid SMTP users from the target server.

Step 4: Analyze the Results

The scan results displayed:

  • SMTP service status

  • Open SMTP ports

  • Mail server information

  • Possible valid users (if enumeration was successful)

  • SMTP banner details

The collected information helps in understanding how SMTP servers may expose sensitive information.

Observations

During the lab activity, the following observations were made:

  • Nmap successfully identified SMTP services running on the target system.

  • SMTP ports such as port 25 were found open.

  • SMTP banner information was displayed.

  • Enumeration scripts attempted to retrieve valid user-related information.

  • The scan demonstrated how insecure SMTP configurations may reveal sensitive details.

This lab helped in understanding the importance of securing email services and restricting unnecessary information disclosure.

Challenges Faced

  • Certain SMTP servers blocked enumeration attempts.

  • Firewall configurations restricted access to some ports.

  • Enumeration results varied depending on the server configuration.

  • Some NSE scripts required proper syntax and permissions.

Conclusion

Hands-on cybersecurity lab focused on SMTP enumeration using Nmap and NSE scripts. The assessment involved analyzing SMTP services, open ports, banners, and exposed mail-related information during the reconnaissance phase while highlighting the importance of securing mail servers against information disclosure attacks.

System Log Analysis & Clearing Techniques

Explored log management and track-covering techniques in Windows and Linux environments to understand defensive monitoring and audit security.

Project Category :

System Hacking

Tech Stacks :

Log Analysis

Security Monitoring

View Project

© A.Abhishek | 2026

v20.05.2026

Create a free website with Framer, the website builder loved by startups, designers and agencies.