How to Setup Mail Server for Penetration Testing using hMail

From Wikipedia

Hello friends! Today we are disscussing “configuration of SMTP mail server” for sending mail in your LAN network.  

SMTP stands for simple mail transfer protocol communication between mail servers uses TCP port 25 Mail clients on the other hand; often submit the outgoing emails to a mail server on port 587. For retrieving messages, client applications usually use either IMAP or POP3.

POP3 stands for Post Office Protocol (POP) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. It uses port 110 for receiving mail

IMAP stands for Internet Message Access Protocol (IMAP) is also an Internet standard protocol used by e-mail clients to retrieve e-mail messages from a mail server over a TCP/IP connection. It uses port 143 for receiving mail

Lets start!!

Configure static ip in your network for SMTP server as shown below.

Download hmailserver and install it in your system (windows). This installation program will create a hmailServer user with administration rights. Here you need to give password for admin so that you will be able to manage its installation.

Click on connect which will connect hmailserver to localhost.

Enter admin password to login into hmailserver and click on OK to continue.

You can take help of nmap to ensure whether SMTP with other Service such as IMAP and PoP3 has been running successfully on remote system (192.168.1.104).

Nmap 192.168.1.104

From given image to you can observe that all three services SMTP PoP3 IMAP are running on port 25 110 and 143 respectively.

Also new port 587 will get open for submission (SMTP outgoing mail).

After login into hmailserver it will ask to add domain name therefore click on ADD domain.

Enter the domain name of your choice such as pentestlab.local and click the check box for Enable.

Now at last click on save which will create a domain “pentestlab.local” into hailmail server.

From given image you can observe pentestlab.local had been created on the left panel. After then click on Account in order to create a new user for your mail server.

Click on ADD

Now follow the given below step to create a user for your own mail server.

Address: username (info)

Password: Give password for username

Click the check box for Enable

Click on save

Repeat the step to create more users for mail server.

From given image you can see I had created three users and for mail server at least you should create two accounts, one account for sender and other for receiver.

Select all three protocols SMTP, POP3, IMAP as show in image.

Click on SMTP given in left panel select Advance option and type your IP “192.168.1.104” to bind your local IP with mail server.

After than select Advance option in left panel and type you’re your domain name (for example pentestlab.local) as default domain and click on save.

Select Auto-ban under Advance given in left panel. Uncheck Enable for auto-ban.

Now open host file from given path system32 > drivers > etc > hosts

Edit your IP (192.168.0.104) with domain name (penetstlab.local) as shown in given image.

Now use two different systems in your local network for sending mail through them.

System 1st

Open Microsoft outlook and select option Add account.

Click the radio button for “Manual setup or additional server type”

Click on next.

Click the radio button to choose service for IMAP or pop Click on next.

Enter the information of mail server for setting your account as given below:

User information

  • Your name: info
  • You email: [email protected] (provide an email id which you have created in hmail server account.)

Server information

  • Account type: pop3
  • Incoming mail server: 168.0.104
  • Outgoing mail server: 168.0.104

Logon information

Click on more setting and choose option outgoing server and enable following services:

  • Use same setting (smtp) requires authentication
  • Use same setting as my incoming mail server

Click on OK

In order to verify server setting for account click on “Test on Account Setting”

From given image you can observe it is showing green ticks for both tasks with status “completed”. It will show status “fail” if it found any error in account setting.

System 2nd

Open Microsoft outlook and select option Add account and repeat above step for mail server account setting.

Note: now you’re having two different accounts on two different systems in same local network as sender and receiver.

Now we are testing our mail server by sending mail from one system to another with different account.

Sender: [email protected]

Receiver: [email protected]

Here we are Sending message from system 1st to 2nd through Microsoft outlook. You can use another method also for account setting and sending mail for example Thunderbird.

Open raj account of 2nd system and verify whether user received any mail form send info or not. Form given image can see we have successfully received mail in raj account.

In this way you can configure your own mail server for local network.

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here

Related Posts Plugin for WordPress, Blogger...

Leave a Reply