SMTP User Enumeration
SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol for sending e-mail messages between servers; it usually operates on TCP port 25. Nmap (Network Mapper) is the most popular port scanner, designed to probe a server or host for open ports.
The following are the open ports that I identified on Open-Xchange's sandbox domain sandbox.open-xchange.com (188.8.131.52):
SMTP user enumeration can be performed automatically with Metasploit: the smtp_enum module connects to a given mail server and uses a wordlist to enumerate the users that exist on the remote system.
This leakage can be avoided by disallowing the execution of the EXPN, VRFY and RCPT commands.
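A detection-side companion to the RCPT TO variant of this enumeration, added here as an example and not code from the original post or from Open-Xchange: it parses constructed Postfix-style "User unknown" rejection lines (the log format, sample addresses and thresholds are assumptions) and flags a client that probes many distinct recipients in a short window, which is the trace a wordlist-driven tool such as smtp_enum leaves in the mail server's log.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed Postfix-style smtpd lines (sample input, not logs from any real server).
SAMPLE_LOG = """\
Jan 12 10:00:01 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 550 5.1.1 <alice@example.com>: Recipient address rejected: User unknown in local recipient table; from=<probe@example.org> to=<alice@example.com> proto=ESMTP helo=<scanner>
Jan 12 10:00:01 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 550 5.1.1 <bob@example.com>: Recipient address rejected: User unknown in local recipient table; from=<probe@example.org> to=<bob@example.com> proto=ESMTP helo=<scanner>
Jan 12 10:00:02 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 550 5.1.1 <carol@example.com>: Recipient address rejected: User unknown in local recipient table; from=<probe@example.org> to=<carol@example.com> proto=ESMTP helo=<scanner>
Jan 12 10:00:02 mx postfix/smtpd[2103]: 7F3A2B1C: client=mail.example.net[198.51.100.9]
Jan 12 10:00:03 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 550 5.1.1 <dave@example.com>: Recipient address rejected: User unknown in local recipient table; from=<probe@example.org> to=<dave@example.com> proto=ESMTP helo=<scanner>
Jan 12 10:00:03 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 550 5.1.1 <dave@example.com>: Recipient address rejected: User unknown in local recipient table; from=<probe@example.org> to=<dave@example.com> proto=ESMTP helo=<scanner>
Jan 12 10:00:04 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 550 5.1.1 <erin@example.com>: Recipient address rejected: User unknown in local recipient table; from=<probe@example.org> to=<erin@example.com> proto=ESMTP helo=<scanner>
Jan 12 10:05:00 mx postfix/smtpd[2108]: NOQUEUE: reject: RCPT from mail.partner.example[198.51.100.7]: 550 5.1.1 <jon.smith@example.com>: Recipient address rejected: User unknown in local recipient table; from=<hr@partner.example> to=<jon.smith@example.com> proto=ESMTP helo=<mail.partner.example>
"""

# Matches only the "550 5.1.1 ... User unknown" RCPT rejection; everything else is ignored.
REJECT_RE = re.compile(
    r"^(?P<ts>\w{3} {1,2}\d{1,2} \d\d:\d\d:\d\d) \S+ postfix/smtpd\[\d+\]: NOQUEUE: reject: "
    r"RCPT from [^\s\[]+\[(?P<ip>[\d.]+)\]: 550 5\.1\.1 <(?P<rcpt>[^>]+)>: "
    r"Recipient address rejected: User unknown"
)


def parse_reject(line):
    """Return (timestamp, client_ip, recipient) for a User-unknown rejection, else None."""
    m = REJECT_RE.match(line)
    if not m:
        return None
    # Syslog timestamps carry no year; a fixed year keeps the deltas meaningful.
    ts = datetime.strptime("1970 " + m["ts"], "%Y %b %d %H:%M:%S")
    return ts, m["ip"], m["rcpt"].lower()


def detect_enumeration(log_text, threshold=5, window_seconds=60):
    """Map client IP -> sorted distinct unknown recipients for every client that was
    rejected for at least `threshold` distinct recipients within `window_seconds`.
    Repeated probes of the same address (retries) count once; a single typo from a
    legitimate sender never reaches the threshold."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_reject(line)
        if parsed:
            ts, ip, rcpt = parsed
            events[ip].append((ts, rcpt))
    flagged = {}
    for ip, evs in events.items():
        evs.sort()
        for i, (start, _) in enumerate(evs):  # sliding window anchored at each event
            seen = {r for t, r in evs[i:] if (t - start).total_seconds() <= window_seconds}
            if len(seen) >= threshold:
                flagged[ip] = sorted({r for _, r in evs})
                break
    return flagged
```

On a live system the same function can be fed `tail`ed mail.log lines; the threshold should be tuned above the rate at which legitimate senders mistype addresses.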
After reporting this issue, Open-Xchange resolved the vulnerability and rewarded me with a bounty; it was my first bug bounty :)