http://www.gnm.org.uk/downloadsemailprog.php
TS i'm not saying the quality of the post is great... but the conversation that followed, for the most part, was good.
i just did a forum search for "eudora" from the beginning of 2004 and did not find anything close. i didn't find this post helpful nor did i find it offensive. i've spoofed mail in the past to my friends as i'm sure many here have. last year i sent one to my boss from saten@hades.com telling him i was awaiting his arrival. the year before i sent one as GWBush extolling my own virtues and expressing the hopes that i was being well taken care of. BFnD!
as i see it, we have/had a new member who was getting negged to **** for posting (his first post) something quite innocuous. that's just my opinion... which comes from wishing AO was as active as it used to be.
It's a lot easier to do that by just telnetting to port 25 on the SMTP server and doing something like this:
HELO fakedomain.com [domain to pretend to be sending from]
MAIL FROM:<fakeaddress@fakedomain.com> [fake From: address]
RCPT TO:<user@realdomain.com> [real destination address]
DATA
From: "I'm fake" <fakeaddress@fakedomain.com> [fake From: name and address]
To: "Anything" <anything@anything.com> [has no effect, just shows in To: field]
Subject: whatever
[any other headers you want to add]
[Body of message here.]
.
QUIT
Still, if you came up with that Eudora thing on your own, I think that's pretty good. Just check around to make sure you haven't reinvented the wheel before you go announcing it.
Thanks josby for your comment
But josby, it is not as easy as you are describing. Can you tell me even a single smtp mail server that is ready to accept all those smtp commands without those annoying errors "relaying denied" etc. The main problem comes up as soon as one issues the "rcpt to" command.
I am trying to tell people at this site that I am not trying to write a tutorial on this or that. I am just pointing out the bug which i have found in the Eudora and nothing else.
MSN.COM, HOTMAIL.COM, AOL.COM are the first three that come to mind and this is why I don't believe that you have a clue about how all this works. When you get a relaying denied error it's because you are trying to relay...... Silly..... Why don't you just telnet directly to the mailserver of your target.... You will never, _ever_ get a relaying denied if you do that......
Quote:
Can you tell me even a single smtp mail server that is ready to accept all those smtp commands without those annoying errors "relaying denied" etc
Before you start telling me about SPF blocking it that's really simple too. Select a sending domain that doesn't use SPF and the receiving server _has_ to accept it because there is no SPF record to determine the validity of the sending IP address.
As to calling me mannerless.... My message to you was polite, (trust me), you're just peeved because I pissed on your fireworks.....
what about this:
Quote:
When you get a relaying denied error it's because you are trying to relay...... Silly..... Why don't you just telnet directly to the mailserver of your target.
Let us say i want to mail to myself (pushmohit@yahoo.com) then using yahoo's smtp server (smtp.mail.yahoo.com) why do we get the error that authentication is required, connection lost?
http://rapidshare.de/files/2574974/1.GIF.html
http://rapidshare.de/files/2574991/2.GIF.html
Think before you post.
i stand corrected TS.
you were right. i was wrong.
Quote:
06/23/05 16:35:43 dig 221.134.238.40 @ XXX.XXX.XXX.XXX
Dig 40.238.134.221.in-addr.arpa@XXX.XXX.XXX.XXX ...
Non-authoritative answer
Recursive queries supported by this server
Query for 40.238.134.221.in-addr.arpa type=255 class=1
40.238.134.221.in-addr.arpa PTR (Pointer) 221-134-238-40.sify.net
Son, since the IP address in the header indicates the ISP as Sify.net in India I can be fairly sure that the email you sent me pretending to be Britney confessing her undying passion for my hot little bod did not come from hollywood.com.
Quote:
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 221.134.0.0 - 221.135.255.255
netname: SIFYNET
descr: Sify Limited
descr: Internet Service Provider
country: IN
So.... What you are managing to do with your "exploit" is no different than the following:-
telnet mx.yahoo.com 25
mail from: Britney@hollywood.com
rcpt to: pushmohit@yahoo.com
data
Subject: Hey gorgeous
Since your exploit isn't an exploit at all and doesn't carry any security implications whatsoever the ******* I promised you on friday has been withdrawn on the grounds that you are lame
luv Brit
.
quit
Learn before you spout rubbish
Quote:
What you are managing to do with your "exploit" is no different than the following:-
telnet mx.yahoo.com 25
mail from: Britney@hollywood.com
rcpt to: pushmohit@yahoo.com
data
Subject: Hey gorgeous
Since your exploit isn't an exploit at all and doesn't carry any security implications whatsoever the ******* I promised you on friday has been withdrawn on the grounds that you are lame
luv Brit
.
quit
Yet the message id points at the sify.net only
Mohit:
My name is Napoleon Bonaparte
My Home address is 123 High Street, Mytown, USA
My hair color is blue
My nick on AO is Tiger Shark
Who am I?
I am identified by the _only_ piece of information that I haven't "spoofed".
Your message ID is irrelevant as is your britney@hollywood.com and the rest of your header since there is a piece of information that doesn't fit with the rest... Your IP address. Your trick won't fool anyone with any knowledge at all.
Now, forge the IP address to point to a computer in the netblock of hollywood.com and you are onto something.... Otherwise it's just a silly game.....
What aren't you getting about all this?
This is no better than the fact that queued messages on an IIS SMTP server are held in the queue in text format.... Editable text format. By blackholing the DNS to my IIS server I can hold up all the messages so they become queued. Then I can edit the messages including the headers and save them back to the queue. Then I can fix the DNS server and kick off the queue again. They will be delivered in their "fixed" form..... But the address of the sending SMTP server will still show in the final headers.... What was the point?
There is _no_ security implication to this..... It's a prank.
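Added example (not part of the thread and not any poster's code): the header check argued for in the last posts, comparing the From: domain with the connecting IP that the recipient's own server stamped into the top Received header. The sample message, the host mx.realdomain.com, the forged second Received line and the offline PTR table are constructed for illustration; the PTR entry is the dig answer quoted in the thread.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample message. The top Received line is what the recipient's
# own MX would stamp; the lower one is sender-supplied and forged
# (192.0.2.10 is a documentation address standing in for a hollywood.com host).
RAW = """\
Received: from fakedomain.com (unknown [221.134.238.40])
    by mx.realdomain.com with SMTP; Thu, 23 Jun 2005 16:30:00 +0000
Received: from mail.hollywood.com (mail.hollywood.com [192.0.2.10])
    by relay.hollywood.com with ESMTP; Thu, 23 Jun 2005 16:29:00 +0000
From: "Britney" <Britney@hollywood.com>
To: <user@realdomain.com>
Subject: Hey gorgeous

luv Brit
"""

# Offline stand-in for a reverse-DNS lookup; the one entry is the PTR
# answer quoted in the thread.
PTR = {"221.134.238.40": "221-134-238-40.sify.net"}
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def org_domain(host):
    """Naive last-two-labels domain; production code needs the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_origin(raw, ptr_lookup):
    msg = email.message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Trust only the topmost Received header: it was added by our own server.
    # Everything below it arrived inside DATA and is under the sender's control.
    received = msg.get_all("Received") or []
    m = IP_RE.search(received[0]) if received else None
    ip = m.group(1) if m else None
    ptr = ptr_lookup(ip) if ip else None
    aligned = bool(ptr) and org_domain(ptr) == org_domain(from_domain)
    return {"from_domain": from_domain, "ip": ip, "ptr": ptr, "aligned": aligned}

if __name__ == "__main__":
    print(check_origin(RAW, PTR.get))
```

A mismatch is an investigative lead rather than a verdict, since legitimate mail is often sent through third-party providers whose hostnames differ from the From: domain.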