Abstract:
Latest developments of the Mozilla Autoconfig Protocol should lead to a more simple way to configure E-Mail clients since the configuration is done automatically. This eliminates the need for the user to manually enter the configuration data. Since the resulting configuration depends entirely on the E-Mail provider; This thesis aims to analyze the security of the files provided for automatic configuration. We analyzed the usage of the Mozilla Autoconfig Protocol against the Tranco 1M List with a large scale scan. While only 2.96% of the domains provided a valid Autoconfiguration file, the majority of these files were secure and fulfilled current security standards. Less than 0.15% of the domains, delivering a valid Autoconfiguration (Autoconfig) file were found to hand out any suspicious or insecure configurations.