Tower Defense Tip: SMTP
- Last Tower
- Feb 27, 2024
- 1 min read
Simple Mail Transfer Protocol or SMTP is a commonly used protocol which is found vulnerable and unencrypted In the wild.
If in use:
1. Make sure that your SMTP server is configured with authentication and disable the open relay feature.
2. Implement modern encryption with preferably forced (implicit) TLS to prevent data sniffing.
3. Consider restricting external access to the SMTP server to prevent brute force attacks or use a strong authentication alternative with lockouts
4. Disable VRFY and EXPN commands to prevent user enumeration.
