# 110 - POP3

## Introduction

**Port**: 110 (TCP)

The **Post Office Protocol** (POP) is an Internet standard protocol for transferring messages from an e-mail server to an e-mail client.

## Enumeration

With the Nmap scripts, you can retrieve information about the server.

* To include information about: NetBios, DNS and OS build version.

```bash
nmap -n -p 110,995 --script=pop3-ntlm-info <TARGET>
```

* To show which commands the server supports.

```bash
nmap -n -p 110,995 --script=pop3-capabilities <TARGET>
```

Also, you can use the Metasploit module `auxiliary/scanner/pop3/pop3_version` in order to obtain the pop3 version.

## Commands

In this subsection, you will find some useful commands in order to interact with the POP3 service through CLI.

### Login

You can interact with a POP3 services following these steps.

```bash
[telnet <IP> <PORT>] | [nc -nC <IP> <PORT>]
ehlo example.com #Some servers also accept helo in place of ehlo.
USER <USERNAME>
PASS <PASSWORD>
```

### Listing emails

```bash
> list
1 897
2 5136
```

### Read an email

```bash
retr 2 
```

### Delete an email

```bash
dele 2
```