IMAP Server Data Sheet
Test Suite:
IMAP Server
Direction:
Server

IMAP4 Server Test Suite helps you eliminate security flaws from your email server implementations efficiently and cost-effectively. Proactive elimination of vulnerabilities results in significant cost savings in development and maintenance, producing more stable and dependable email systems that your end users can trust. Internet Message Access Protocol (IMAP) version 4 is a standard for fetching email messages from Internet mail servers. It is widely used by most email users in the Internet. Due to its ubiquitousness, the modern society has come to depend on email and the availability of email services. This places high requirements for the quality of email protocol implementations, so that services are not disrupted by malformed data and malicious attacks. IMAP4 Server Test Suite has been developed for testing IMAP version 4 server implementations for current and future security flaws and robustness problems. It is an automated black-box negative testing solution that combines unparalleled testing efficiency with a proven track record and superior technological design. The test suite can be used to test any IMAP4 server implementations.

Used specifications

Specification
Title
RFC3501

Internet Message Access Protocol - Version 4rev1

RFC2177

IMAP4 IDLE Command

Tool-specific information

Tested messages
Notes
Specifications
APPEND
RFC3501, RFC3502
AUTHENTICATE
RFC3501
CAPABILITY
RFC3501
CHECK
RFC3501
CLOSE
RFC3501
CREATE
RFC3501
DELETE
RFC3501
EXAMINE
RFC3501
EXPUNGE
RFC3501
IDLE
RFC2177
LIST
RFC3501
LOGIN
RFC3501
LOGOUT
RFC3501
LSUB
RFC3501
NOOP
RFC3501
RENAME
RFC3501
SELECT
RFC3501
STARTTLS
RFC3501
STATUS
RFC3501
SUBSCRIBE
RFC3501
UNSUBSCRIBE
RFC3501

Supported protocol features
Notes
Specifications
Transport over TCP
RFC3501

Supported SafeGuard Checks

Authentication Bypass

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis