Service:
imap
Protocol:
TCPPort:
143Used for:
Internet Message Access Protocol for accessing and managing email on mail serversWhy It’s Open
Port 143 is used for Internet Message Access Protocol (IMAP), the standard protocol for remote email management. Unlike POP3, IMAP synchronizes messages across multiple devices by keeping them on the server. While modern implementations prefer IMAPS (port 993), many mail servers still support unencrypted IMAP for legacy compatibility.
Common Risks
- Cleartext Communication
Transmits credentials and emails without encryption - Authentication Attacks
Vulnerable to brute force and password spraying - Traffic Interception
Unencrypted sessions can be monitored - Version Disclosure
Server banners reveal software information - Session Vulnerabilities
Unencrypted tokens risk hijacking
Want to save time on reporting?
Let PentestPad generate, track, and export your reports - automatically.
Enumeration & Testing
Check if it’s open:
nmap -sT -p 143Test IMAP connection:
openssl s_client -connect :143 -starttls imapBanner grabbing:
nc -nv 143What to Look For
| Checkpoint | What it means |
|---|---|
| Unencrypted IMAP | Authentication and data exposure |
| Visible version info | Reveals software details |
| Missing STARTTLS | No encryption upgrade option |
| Anonymous login | Potential unauthorized access |
Mitigation
- Enforce IMAPS
Use port 993 exclusively when possible - Mandate STARTTLS
Require encryption for all IMAP connections - Implement MFA
Add multi‑factor authentication - Rate Limit Logins
Prevent brute force attempts - Network Restrictions
Limit access to required IP ranges
TL;DR
- Standard unencrypted IMAP port
- Should be replaced with IMAPS
- High risk of credential attacks
- Requires encryption and access controls
Known CVEs and Exploits
- CVE-2019-19722 – Cyrus IMAP auth bypass via weak
allowallconfiguration - CVE-2018-19518– Dovecot mailbox indexing info leak
- CVE-2017-14461– UW IMAP buffer overflow via crafted input