Skip to main content

SMTP credentials

Description#

General#

  • Documentation: https://tools.ietf.org/html/rfc5321
  • Summary: SMTP (Simple Mail Transfer Protocol) is a communication protocol for email transmission. This detector aims at catching SMTP credentials in the form of a host, a port, a username and a password, assigned to variables.
  • IPs allowlist: A range of allowlisted IP addresses can be specified on the server side.
  • Scopes: An SMTP server can enforce some restrictions on outbound traffic preventing some users to send emails.

Revoke the secret#

Secret revocation consists in changing the user's email password.

Check for suspicious activity#

Suspicious activity essentially consists of fraudulent email sent on behalf of a user and can thus manually be reported.

Details for Smtp assignment#

  • Family: Other

  • Category: Messaging system

  • High recall: False

  • Validity check available: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 240.06

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - smtp- type: ContentWhitelistPreValidator  patterns:  - pass- type: ContentWhitelistPreValidator  patterns:  - host  - address- type: ContentWhitelistPreValidator  patterns:  - user  - email

Examples#

- text: |    @@ -13,20 +13,28 @@    # SECURITY WARNING: KEEP secret    SECRET_KEY = {{SECRET_KEY}}    +EMAIL_USE_TLS = True    +EMAIL_HOST = smtp.gmail.com    +EMAIL_HOST_USER = sdrbog@gmail.com    +EMAIL_HOST_PASSWORD = Mdsf324n1523    +EMAIL_PORT = 587
  username: sdrbog@gmail.com  password: Mdsf324n1523  host: smtp.gmail.com  port: "587"
- text: |    @@ -13,20 +13,28 @@    # SECURITY WARNING: KEEP secret    SECRET_KEY = {{SECRET_KEY}}    +EMAIL_USE_TLS = True    +EMAIL_HOST = smtp.gmail.com    +EMAIL_HOST_USERNAME = sdrbog@gmail.com    +EMAIL_HOST_PASSWORD = Mdsf324n1523    +EMAIL_PORT = 587
  username: sdrbog@gmail.com  password: Mdsf324n1523  host: smtp.gmail.com  port: "587"
- text: |    @@ -13,20 +13,28 @@    # SECURITY WARNING: KEEP secret    SECRET_KEY = {{SECRET_KEY}}    +EMAIL_USE_TLS = True    +EMAIL_HOST = smtp.gmail.com    +EMAIL = sdrbog@gmail.com    +EMAIL_HOST_PASSWORD = Mdsf324n1523    +EMAIL_PORT = 587
  username: sdrbog@gmail.com  password: Mdsf324n1523  host: smtp.gmail.com  port: "587"
- text: |    @@ -13,20 +13,28 @@    # SECURITY WARNING: KEEP secret    SECRET_KEY = {{SECRET_KEY}}    +EMAIL_USE_TLS = True    +EMAIL_HOST = smtp.gmail.com    +EMAIL_HOST_USER = sdrbogdsfsdfsdfsdASDSADAS@gmail.com    +EMAIL_HOST_PASSWORD = Mdsf324n1523    +EMAIL_PORT = 587


    +# PostgesSQL    +#spring.datasource.driver-class-name=org.postgresql.Driver    +#spring.datasource.url=jdbc:postgresql://localhost:5432/cpas    +#spring.datasource.username=postgres    +#spring.datasource.password=12345
  username: sdrbogdsfsdfsdfsdASDSADAS@gmail.com  password: Mdsf324n1523  host: smtp.gmail.com  port: "587"
- text: |    @@ -13,20 +13,28 @@    # SECURITY WARNING: KEEP secret    SECRET_KEY = {{SECRET_KEY}}    +EMAIL_USE_TLS = True    +EMAIL_HOST = smtp.gmail.com    +EMAIL_HOST_USERNAME = bob    +EMAIL_HOST_PASSWORD = Mdsf324n1523    +EMAIL_PORT = 587
  username: bob  password: Mdsf324n1523  host: smtp.gmail.com  port: "587"
- text: |    +SMTP_USE_TLS = True    +SMTP_HOST = outlook.office365.com    +SMTP_HOST_USERNAME = bob    +SMTP_HOST_PASSWORD = Mdsf324n1523    +SMTP_PORT = 587
  username: bob  password: Mdsf324n1523  host: outlook.office365.com  port: "587"
- text: |    @@ -13,20 +13,28 @@    # SECURITY WARNING: KEEP secret    SECRET_KEY = {{SECRET_KEY}}    +EMAIL_USE_TLS = True    +EMAIL_HOST = smtp.exmail.qq.com    +EMAIL_HOST_USERNAME = bob    +EMAIL_HOST_PASSWORD = Mdsf324n1523    +EMAIL_PORT = 587
  username: bob  password: Mdsf324n1523  host: smtp.exmail.qq.com  port: "587"