Certified Ethical Hacker (CEH v12) — Question 279

What useful information is gathered during a successful Simple Mail Transfer Protocol (SMTP) enumeration?

Answer options

• A. A list of all mail proxy server addresses used by the targeted host.
• B. The internal command RCPT provides a list of ports open to message traffic.
• C. The two internal commands VRFY and EXPN provide a confirmation of valid users, email addresses, aliases, and mailing lists.
• D. Reveals the daily outgoing message limits before mailboxes are locked.

Correct answer: C

Explanation

Option C is correct because the VRFY and EXPN commands in SMTP specifically allow for the validation of users and the enumeration of mailing lists, which is crucial information for attackers. Options A, B, and D are incorrect as they either refer to irrelevant details not typically gathered through SMTP enumeration or misrepresent the functions of the SMTP commands.