Why might penetration testers choose IMAP-based methods over the web management page for Zimbra version detection?

The web management page (port 7071) may not always be exposed to the internet or could be restricted by firewall rules, making it unavailable during external penetration tests. IMAP-based methods (ports 143 or 993) are often more accessible because they are part of the email service that must be reachable for legitimate users. The article shows that IMAP can reveal the Zimbra version, and the Python script prioritizes a specific URL first, then IMAP, to maximize success in diverse network environments.