id: imap-detect
info:
name: Imap Detection
author: pussycat0x
severity: info
description: |
IMAP is an application-layer protocol used by email clients to retrieve messages from a mail server. It was designed to manage multiple email clients, therefore clients generally leave messages on the server until the user explicitly deletes them.
metadata:
verified: true
shodan-query: 'imap'
tags: network,detect,imap,mail
network:
- inputs:
- data: "\n"
host:
- "{{Hostname}}"
- "{{Host}}:143"
matchers-condition: and
matchers:
- type: word
words:
- "OK "
- "IMAP4rev1"
condition: and