Continuing my exploration of iOS Apps, I setup an email account with the iOS Mail App and Hotmail. The iOS Mail App will use whatever protocol it is configured to use to retrieve and send email. In this case, I chose Microsoft Hotmail.

To capture traffic and see what is going back and forth, I took the following steps:

  • Start an HTTP proxy on my computer
  • Generate an SSL certificate within the HTTP proxy
  • Transfer the SSL certificate and install it on the iOS device
  • Point the iOS device to the HTTP proxy

This allows me to see both HTTP and HTTPS traffic to and from the iOS device and the email provider. I selected update on the mail app and saw this:

POST https://col-m.hotmail.com/Microsoft-Server-ActiveSync?User=fakeemail@hotmail.com&DeviceId=ApplCCQJ5K4SDT75&DeviceType=iPod&Cmd=Sync HTTP/1.1
Host: col-m.hotmail.com
X-MS-PolicyKey: 0
Accept-Language: en-us
User-Agent: Apple-iPod4C1/1002.329
Proxy-Connection: keep-alive
Accept: */*
Content-Type: application/vnd.ms-sync.wbxml
Connection: keep-alive
Cookie: M_82058=M=746561706F74646F6D65008B60217A755D6FDF47D83565F83BC24806D145496CF790049F5CD0A64C4D1A; A_82058=897439716448682058_EgBsAQMAAAAEgAAACoAA45oG3YpekbSyskgs1+TxJHWYOjq3bJ/jrxVVzge3vqYZVIb5L3yRWIq8SnuWQCKcQBqp7JPOHxakjI7KNIYXVhF/gj3ByagceqzfeU0fsRpIuehHsZqCiRwt+ZiddRKuDni/xVpLGQwvOkZW87/A7CJHg/T4Q0Nx48wTNxB2c+/bAGAA2wD+fwYAUeyK5RP0c1IT9HNS9hsEAAoRIAAAGABjaXZhdGVzdGluZ0Bob3RtYWlsLmNvbQBRAAAXY2l2YXRlc3RpbmdAaG90bWFpbC5jb20AAAACVVMABTMzMTM3AAAAAAQJAgAAciVtQAAEQwAEQ2l2YQAHVGVzdGluZwRYAAAAAAAAAAAAAAAAeH0AzQfJC9gAABP0c1ITaYZSAAAAAAAAAAAAAAAADQAxNzMuMTIuNzguMzgABQAAAAAAAAAAAAAAAAABBAABAAABAAABAAAAAAAAAAAAAA==
Authorization: Basic ZmFrZWVtYW<removed>29tOmZha2VwYXNzd29yZDEy
Content-Length: 158
MS-ASProtocolVersion: 14.0