September 29th, 2003, 04:49 AM
I am looking for an open relay, just one for learning purposes. I looked on Google, various searches, and nothing turned up. I also looked for open relay scanners, but the only lead I got was a scanner used on *nix and I'm on Winbloze. If you do know of one I would appreciate you PMing me with it, as I don't want anyone to abuse it by posting it out in the open.
If anyone happens not to know what an open relay is and cares, I'll give you a short introduction. An open relay is an SMTP email server that allows 3rd party relay of email messages. (All that junk mail you get, and you can't figure out where it came from, is sent from open relays.) Normally an email server, such as Yahoo or Hotmail, will allow its users to send email anywhere in the world; it will also accept email from anywhere in the world as long as it is addressed to a user of Yahoo or Hotmail. What it will not do is allow a user of aol.com to send an email to someone at mail.com.
Open relays used to be useful, now they're used mainly to send mass emails from undiscoverable solicitors of junk mail. Normally the owner of the server isn't aware this is going on, and once he finds out his resources are being put to other uses, he'll take the proper steps to disable the relay option.
Brief intro, if you want to know more - google it
September 29th, 2003, 04:59 AM
I may be totally stupid, but can't you find one from just looking at the detailed header of some junkmail, or using Sam Spade 1.14 on it?
Please be careful..............they may be infuriatingly incompetent to let it happen but it IS THEIR equipment, resource and bandwidth. And they might get you in trouble with your ISP and God knows who else....
France? hmmmm the S.D.E.C.E I think...................do they still chill out on the Paris ring road?...when they are not blowing up Greenpeace protest ships?
Be careful, and lawful.
September 29th, 2003, 05:00 AM
Hehehe...yes, I found plenty online if I want to drop $200 for a 6 month membership but if I had $200 to drop on something like that...I'd buy my own damn box and set it up for open relays lol Thanks for giving it a look -
I did try looking at some of my received spam mail headers, for e.g.:
Received: from mc12-f13.hotmail.com ([188.8.131.52]) by mc12-s12.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Sun, 28 Sep 2003 20:36:13 -0700
Received: from 300bbcqywxduntkd.com ([184.108.40.206]) by mc12-f13.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Sun, 28 Sep 2003 20:36:04 -0700
X-OriginalArrivalTime: 29 Sep 2003 03:36:04.0719 (UTC) FILETIME=[CFB09FF0:01C3863A]
The part in red is what should help me, and I can open a session with some of them, but then it gives me a diff. error message each time, from 'relaying isn't allowed' to 'unknown command "rcpt" ' and I will continue to try them, just I need some more junk mail, I checked some 'friend's accounts' but same thing wherever I go. Also, I've noticed a lot of the junk mail has the same prefix, as in mx1.floundermail.com (PowerMTA(TM) v2.0r4) and the only part that changes is the 'floundermail' ...
Anyway...back to hunting...
September 29th, 2003, 05:31 AM
Although you have to pay to gain access to the updated list, you can grab a couple by clicking "View" after any of the abbreviated hostnames/IPs. On the right side, it should list a few.
I can't guarantee the validity of any of them, but it may be worth a try.
It's 106 miles to Chicago, we've got a full tank of gas, half a pack of cigarettes, it's dark and we're wearing sunglasses.
September 29th, 2003, 05:36 AM
Tx again as I am getting nowhere going through all the junkmail in the world. Relaying is denied on the vast majority of them, and the others, like I said, have some other *quirk* to them that won't allow it. I am stumbling across some interesting spoofs though.
Received: from 220.127.116.11 (HELO local.domain) (18.104.22.168) by mta129.mail.scd.yahoo.com with SMTP; Fri, 12 Sep 2003 14:36:05 -0700
Received: from local (root@localhost [127.0.0.1]) by localhost (8.12.6/8.12.6) with SMTP id 3842
You read them bottom to top, meaning that the origin is the first one listed at the bottom, or in this case, "local (root@localhost [127.0.0.1])" hehehe...would like to know how it's done.
Getting a bit annoyed now, tx for the reply though, I had clicked on view but I overlooked the relays listed @ the bottom right. Tried them all, only one seems to want to work. Here's how far I get:
(250 Hello Tosser [myipaddy], pleased to meet you
mail from: email@example.com
250 <firstname.lastname@example.org... Sender ok
rcpt to: email@example.com
250 <firstname.lastname@example.org... Recipient ok
data Quick not to let you know what a tosser I am
354 Enter mail, end with "." on a line by itself
Anyone have any ideas? I've followed how it's supposed to be done. I've tried using hard enter to get to the next line, I've tried simply space baring til the next line, tried typing just a period, and even tried typing the period with the quotes (".") and I get the same error every time. This is the farthest any of the *open relays* has gone for me, all the others cut off after I try to input a recipient. Tx -
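The bottom-to-top reading of Received headers described in the post above, as an added example that is not part of the original thread: it walks the chain and marks which hop a receiving admin can actually rely on. The sample message is constructed, and the host names, the `trusted_by` parameter and the function names are assumptions made for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: documentation-range IPs and hypothetical host names.
RAW = (
    "Received: from mx.example.net ([192.0.2.10]) by mail.example.org"
    " with ESMTP; Sun, 28 Sep 2003 20:36:13 -0700\n"
    "Received: from 198.51.100.7 (HELO local.domain) (198.51.100.7)"
    " by mx.example.net with SMTP; Sun, 28 Sep 2003 20:36:04 -0700\n"
    "Received: from local (root@localhost [127.0.0.1]) by localhost"
    " (8.12.6/8.12.6) with SMTP id 3842\n"
    "Subject: constructed sample\n\nbody\n"
)

HOP = re.compile(r"from\s+(?P<helo>\S+)\s*(?P<rest>.*?)\s+by\s+(?P<by>\S+)", re.S)
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

def trace(raw, trusted_by):
    """Return the hops oldest-first (bottom header first), flagging weak ones."""
    hops, in_trust = [], True
    for value in message_from_string(raw).get_all("Received", []):  # newest first
        m = HOP.search(value)
        if not m:
            continue
        # Trust ends at the first header not stamped by our own server.
        in_trust = in_trust and m.group("by") == trusted_by
        ips = IPV4.findall(m.group("rest"))
        hop = {"helo": m.group("helo"), "ip": ips[-1] if ips else None,
               "by": m.group("by"), "trusted": in_trust, "notes": []}
        if not in_trust:
            hop["notes"].append("unverified: stamped outside our trust boundary")
        try:
            if hop["ip"] and ipaddress.ip_address(hop["ip"]).is_loopback:
                hop["notes"].append("loopback peer: reveals nothing about the origin")
        except ValueError:
            hop["notes"].append("malformed peer address")
        hops.append(hop)
    return hops[::-1]

def trusted_peer(raw, trusted_by):
    """Peer IP recorded by our own server, the one value the sender cannot forge."""
    for hop in trace(raw, trusted_by):
        if hop["trusted"]:
            return hop["ip"]
    return None

if __name__ == "__main__":
    for hop in trace(RAW, "mail.example.org"):
        print(hop)
    print("address to report or block:", trusted_peer(RAW, "mail.example.org"))
```

Everything below the header written by the receiving server is supplied by whoever connected, which is why a bottom line claiming `localhost` carries no evidential weight.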
September 29th, 2003, 06:18 AM
Umm, couldn't quite understand what you're having trouble with. I assume it is the DATA command.
Here is an example;
DATA<CRLF>Insert message here<CRLF>Use carriage returns like this<CRLF>to make it multiline, finish message with a single period<CRLF>.<CRLF>
+OK message sent
etc etc.. If you don't know, CRLF (carriage return/line feed) can be sent by pressing 'return' in your telnet client.
September 29th, 2003, 06:27 AM
Abtronic: Exactly what I'm having problems with is the *data* command (sort of) I'm doing everything correctly:
data <email message>
Any other ideas? That's why I'm stuck...I know it's right, and I've toyed around with one line of text to multiple lines, etc...nothing
September 29th, 2003, 07:46 AM
you aren't quite understanding what abtronic was saying.
you can repeat the message text as many times as you'd like to attempt to somewhat format email. What OS are you running? If you are running 2k/XP/2k3 install IIS, they have an SMTP server that you can start up and use for your own testing purposes.
data <press enter>
message text <press enter>
. <press enter>
IT Blog: .:Computer Defense:.
(Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
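How a receiving server frames the DATA phase discussed in the last few posts, as an added example that is not part of the original thread: the command line is parsed on its own, and the message ends only at a line holding a single period between CRLFs. The function names and the sample inputs are constructed for illustration, and `data_reply` models a strict server; real servers differ in how tolerant they are.

```python
END_OF_DATA = b"\r\n.\r\n"   # RFC 5321: a line holding a single "."

def data_reply(command_line):
    """Reply code a strict server gives to the command line itself."""
    verb, _, arg = command_line.rstrip(b"\r\n").partition(b" ")
    if verb.upper() != b"DATA":
        return 500
    # DATA takes no argument; the message starts only after the 354 reply.
    return 501 if arg.strip() else 354

def split_data(stream):
    """Split bytes sent after 354 into (message_lines, leftover_bytes).

    Returns (None, stream) while no end-of-data marker has arrived.
    """
    buf = b"\r\n" + stream           # so a "." on the very first line counts
    end = buf.find(END_OF_DATA)
    if end == -1:
        return None, stream
    lines = buf[2:end].split(b"\r\n") if end else []
    # Undo dot-stuffing: the client doubles a leading "." on real text lines.
    lines = [l[1:] if l.startswith(b".") else l for l in lines]
    return lines, buf[end + len(END_OF_DATA):]

# Constructed client input, one case per variation tried in the thread.
CASES = {
    "correct": b"message text\r\n.\r\n",
    "quoted period": b"message text\r\n\".\"\r\n",
    "period after text": b"message text .\r\n",
    "bare LF": b"message text\n.\n",
    "dot-stuffed line": b"see\r\n..bashrc\r\n.\r\nQUIT\r\n",
}

if __name__ == "__main__":
    print(data_reply(b"DATA\r\n"), data_reply(b"data <email message>\r\n"))
    for name, stream in CASES.items():
        print(f"{name:18} -> {split_data(stream)}")
```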