Open Relaying
Results 1 to 6 of 6

Thread: Open Relaying

  1. #1
    Member
    Join Date
    Mar 2004
    Posts
    41

    Open Relaying

    Hello All,

    I've a doubt..

    One can send spoofed mail by using telnet to smtp server of hotmail.
    telnet mx1.hotmail.com 25

    220 mc5-f32.hotmail.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.6824 rea
    dy at Wed, 23 Apr 2003 05:25:16 -0700
    HELO
    250 mc5-f32.hotmail.com Hello [23.3.344.534]
    mail from: billgates@hotmail.com
    250 billgates@hotmail.com....Sender OK
    rcpt to: somebody@hotmail.com
    250 somebody@hotmail.com
    354 Start mail input; end with <CRLF>.<CRLF>
    data
    subject: Hello You
    Heyy ... Me Bill ! .. Ha.. Ha..
    .

    250 <MC5-F32md6bEe77bMPh00099fc9@mc5-f32.hotmail.com> Queued mail for delivery
    U can know more 'bout this by juz. giving a quick search on google... or El-Half's Email Forge page if u donno...

    I've used DNSLookup 'n found similar servers of yahoo and rediffmail
    (ie. mx1.mail.yahoo.com and mail3.rediffmail.com)
    But the above method doesn't work for yahoo or rediff...

    On Yahoo i tried ..
    telnet mx2.mail.yahoo.com 25

    220 YSmtp mta205.mail.scd.yahoo.com ESMTP service ready
    HELO
    250 mta205.mail.scd.yahoo.com
    mail from : me@yahoo.com
    501 Syntax error in parameters or arguments
    What could be the problem ??
    Is it becoz yahoo and rediff servers configured in a slightyly different manner ??
    Does anybody know how u could actually do it on yahoo or rediff ??

    I'm actually afraid whether I'm gonna get negged 4 starting this thread. Nowadays I've seen so much of neggin' in forums, most of them which I see less reason ( maybe they juz. neg some newbies to banlance their APs). Anywayz... I'm expecting your help. Thanx.

    Cheers.
    - SCORPION

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    You've made a typo, it's mail from: not mail from : (note the space between from and the collon). That's what the error "501 Syntax error in parameters or arguments" is telling you.

    This has nothing to do with open relays. You're actually delivering email destined for hotmail (the TO: address) to the correct mailserver.

    See RFC-2822 for the correct fields.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Junior Member
    Join Date
    Jan 2002
    Posts
    5
    Dice is right. If in your example you had specified a RCPT TO: of an address at another network that Hotmail isn't a handler for and it delivered it, then it would be what most consider an open relay. In your example it accepted mail for delivery to what it thinks it one of it's own users (somebody@hotmail.com), as it should have. The "spoof" of the address you used is no different than if you had changed the "From:" line in any given mail client and sent a message to "somebody@hotmail.com" as you normally would.
    - Stugein

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    you notice a space between the 0 and the colen but not the third octect in the ip addy being '355'.? and that server name does not exist.

    this is not an example of something that worked because it wouldn't....not today. not in a long time. you have to have an account on a mail server unless its misconfigured and i seriously doubt you'd find this condition on hot mail. Servers come with default setting that dont allow this. someone would have to go out of their way to allow an open relay.

    Telnet used to be a standard way of checking and sending mail its not a hackers 'trick'. and will still work on regular smtp/pop servers if you have an account or someone screwed up and made it an open relay.

    and why would you want to use telnet. once you find an open relay you can configure your normal email client to use it. give your letter format and make it look believable.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    Wait.. call me stupid but this has nothing to do with relaying (like dice said) but has more to do with sending anonymous email. The only way it has to do with relaying is that if the SMTP server your trying to get on with doesn't have authentication. Other than that, what your talking about is anonymous email sending. And like tedob said, it's doubtful that it would work especially in today's time. That goes back to open relaying, in the sense that you need a server that doesn't have any authentication on it, and most do.
    Space For Rent.. =]

  6. #6
    Member
    Join Date
    Mar 2004
    Posts
    41
    Hello,
    Thanx for ur responses .

    Some Clarifications ...
    Sir Dice wrote:
    You've made a typo, it's mail from: not mail from : (note the space between from and the collon).
    Sir Dice, I've tried mail from: ... This too does not work with yahoo.. Thanx for the RFC's

    Stugein wrote:
    The "spoof" of the address you used is no different than if you had changed the "From:" line in any given mail client and sent a message to "somebody@hotmail.com" as you normally would.
    Stugein, by spoffing, one can not only change the from name field but also the from email address.( u can also use an email address which does not exist )

    Tedob1 wrote: you have to have an account on a mail server unless its misconfigured and i seriously doubt you'd find this condition on hot mail
    Tedob, I've tried this on hotmail today, I works pretty well.

    Spyder32 wrote: The only way it has to do with relaying is that if the SMTP server your trying to get on with doesn't have authentication. Other than that, what your talking about is anonymous email sending. And like tedob said, it's doubtful that it would work especially in today's time. That goes back to open relaying, in the sense that you need a server that doesn't have any authentication on it, and most do
    Spydy, I think u are right... Yahoo uses an authentication method so that anonymous mails cannot be sent... But in hotmail, we can still do so(*But such anonymous email headers will contain the ip of the sending system)...

    Cheers.
    - SCORPION

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •