hacktricks/network-services-pentesting/pentesting-smtp/smtp-commands.md

# SMTP - 命令

{% hint style="success" %}
学习和实践 AWS 黑客技术：<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks 培训 AWS 红队专家 (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
学习和实践 GCP 黑客技术：<img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks 培训 GCP 红队专家 (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>支持 HackTricks</summary>

* 查看 [**订阅计划**](https://github.com/sponsors/carlospolop)!
* **加入** 💬 [**Discord 群组**](https://discord.gg/hRep4RUj7f) 或 [**Telegram 群组**](https://t.me/peass) 或 **关注** 我们的 **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **通过向** [**HackTricks**](https://github.com/carlospolop/hacktricks) 和 [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) GitHub 仓库提交 PR 分享黑客技巧。

</details>
{% endhint %}

<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>

**即时可用的漏洞评估和渗透测试设置**。从任何地方运行完整的渗透测试，提供 20 多种工具和功能，从侦察到报告。我们不取代渗透测试人员 - 我们开发自定义工具、检测和利用模块，以便让他们有更多时间深入挖掘、获取 shell 并享受乐趣。

{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}

**命令来自：** [**https://serversmtp.com/smtp-commands/**](https://serversmtp.com/smtp-commands/)

**HELO**\
这是第一个 SMTP 命令：它开始对话，识别发送者服务器，通常后面跟着其域名。

**EHLO**\
开始对话的替代命令，表明服务器正在使用扩展 SMTP 协议。

**MAIL FROM**\
通过此 SMTP 命令，操作开始：发送者在“发件人”字段中声明源电子邮件地址，并实际开始电子邮件传输。

**RCPT TO**\
它识别电子邮件的收件人；如果有多个，命令会逐个地址重复。

**SIZE**\
此 SMTP 命令通知远程服务器附加电子邮件的估计大小（以字节为单位）。它也可以用于报告服务器接受的最大消息大小。

**DATA**\
通过 DATA 命令，电子邮件内容开始传输；通常后面跟着服务器给出的 354 回复代码，允许开始实际传输。

**VRFY**\
请求服务器验证特定电子邮件地址或用户名是否实际存在。

**TURN**\
此命令用于在客户端和服务器之间反转角色，而无需建立新的连接。

**AUTH**\
通过 AUTH 命令，客户端向服务器进行身份验证，提供其用户名和密码。这是保证正确传输的另一层安全性。

**RSET**\
它通知服务器正在进行的电子邮件传输将被终止，但 SMTP 对话不会关闭（如 QUIT 的情况）。

**EXPN**\
此 SMTP 命令请求确认邮件列表的身份。

**HELP**\
这是客户端请求一些对成功传输电子邮件有用的信息。

**QUIT**\
它终止 SMTP 对话。

<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>

**即时可用的漏洞评估和渗透测试设置**。从任何地方运行完整的渗透测试，提供 20 多种工具和功能，从侦察到报告。我们不取代渗透测试人员 - 我们开发自定义工具、检测和利用模块，以便让他们有更多时间深入挖掘、获取 shell 并享受乐趣。

{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}

{% hint style="success" %}
学习和实践 AWS 黑客技术：<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks 培训 AWS 红队专家 (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
学习和实践 GCP 黑客技术：<img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks 培训 GCP 红队专家 (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>支持 HackTricks</summary>

* 查看 [**订阅计划**](https://github.com/sponsors/carlospolop)!
* **加入** 💬 [**Discord 群组**](https://discord.gg/hRep4RUj7f) 或 [**Telegram 群组**](https://t.me/peass) 或 **关注** 我们的 **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **通过向** [**HackTricks**](https://github.com/carlospolop/hacktricks) 和 [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) GitHub 仓库提交 PR 分享黑客技巧。

</details>
{% endhint %}
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`# SMTP - 命令`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`{% hint style="success" %}`
			`学习和实践 AWS 黑客技术：<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks 培训 AWS 红队专家 (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`学习和实践 GCP 黑客技术：<img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks 培训 GCP 红队专家 (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`<summary>支持 HackTricks</summary>`
Translated ['network-services-pentesting/pentesting-mssql-microsoft-sql- 2024-01-02 22:21:01 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`* 查看 [订阅计划](https://github.com/sponsors/carlospolop)!`
			`* 加入 💬 [Discord 群组](https://discord.gg/hRep4RUj7f) 或 [Telegram 群组](https://t.me/peass) 或关注我们的 Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* 通过向 [HackTricks](https://github.com/carlospolop/hacktricks) 和 [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) GitHub 仓库提交 PR 分享黑客技巧。`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
GITBOOK-3884: change request with no subject merged in GitBook 2023-04-30 21:54:03 +00:00			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`{% endhint %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`即时可用的漏洞评估和渗透测试设置。从任何地方运行完整的渗透测试，提供 20 多种工具和功能，从侦察到报告。我们不取代渗透测试人员 - 我们开发自定义工具、检测和利用模块，以便让他们有更多时间深入挖掘、获取 shell 并享受乐趣。`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'network-services-pentesting/512-pentesting-rex 2024-07-29 09:26:26 +00:00			`{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`命令来自： [https://serversmtp.com/smtp-commands/](https://serversmtp.com/smtp-commands/)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`HELO\`
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`这是第一个 SMTP 命令：它开始对话，识别发送者服务器，通常后面跟着其域名。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`EHLO\`
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`开始对话的替代命令，表明服务器正在使用扩展 SMTP 协议。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`MAIL FROM\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`通过此 SMTP 命令，操作开始：发送者在“发件人”字段中声明源电子邮件地址，并实际开始电子邮件传输。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`RCPT TO\`
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`它识别电子邮件的收件人；如果有多个，命令会逐个地址重复。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`SIZE\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`此 SMTP 命令通知远程服务器附加电子邮件的估计大小（以字节为单位）。它也可以用于报告服务器接受的最大消息大小。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`DATA\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`通过 DATA 命令，电子邮件内容开始传输；通常后面跟着服务器给出的 354 回复代码，允许开始实际传输。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`VRFY\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`请求服务器验证特定电子邮件地址或用户名是否实际存在。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`TURN\`
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`此命令用于在客户端和服务器之间反转角色，而无需建立新的连接。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`AUTH\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`通过 AUTH 命令，客户端向服务器进行身份验证，提供其用户名和密码。这是保证正确传输的另一层安全性。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`RSET\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`它通知服务器正在进行的电子邮件传输将被终止，但 SMTP 对话不会关闭（如 QUIT 的情况）。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`EXPN\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`此 SMTP 命令请求确认邮件列表的身份。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`HELP\`
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`这是客户端请求一些对成功传输电子邮件有用的信息。`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			`QUIT\`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`它终止 SMTP 对话。`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`<figure><img src="/.gitbook/assets/pentest-tools.svg" alt=""><figcaption></figcaption></figure>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00			`即时可用的漏洞评估和渗透测试设置。从任何地方运行完整的渗透测试，提供 20 多种工具和功能，从侦察到报告。我们不取代渗透测试人员 - 我们开发自定义工具、检测和利用模块，以便让他们有更多时间深入挖掘、获取 shell 并享受乐趣。`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'network-services-pentesting/512-pentesting-rex 2024-07-29 09:26:26 +00:00			`{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`{% hint style="success" %}`
			`学习和实践 AWS 黑客技术：<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks 培训 AWS 红队专家 (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`学习和实践 GCP 黑客技术：<img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks 培训 GCP 红队专家 (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`<details>`
Translated ['network-services-pentesting/pentesting-mssql-microsoft-sql- 2024-01-02 22:21:01 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`<summary>支持 HackTricks</summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`* 查看 [订阅计划](https://github.com/sponsors/carlospolop)!`
			`* 加入 💬 [Discord 群组](https://discord.gg/hRep4RUj7f) 或 [Telegram 群组](https://t.me/peass) 或关注我们的 Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* 通过向 [HackTricks](https://github.com/carlospolop/hacktricks) 和 [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) GitHub 仓库提交 PR 分享黑客技巧。`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 11:24:45 +00:00			`{% endhint %}`