-
April 27th, 2004, 01:40 PM
#1
Member
Open Relaying
Hello All,
I've a doubt..
One can send spoofed mail by using telnet to smtp server of hotmail.
telnet mx1.hotmail.com 25
220 mc5-f32.hotmail.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.6824 rea
dy at Wed, 23 Apr 2003 05:25:16 -0700
HELO
250 mc5-f32.hotmail.com Hello [23.3.344.534]
mail from: billgates@hotmail.com
250 billgates@hotmail.com....Sender OK
rcpt to: somebody@hotmail.com
250 somebody@hotmail.com
354 Start mail input; end with <CRLF>.<CRLF>
data
subject: Hello You
Heyy ... Me Bill ! .. Ha.. Ha..
.
250 <MC5-F32md6bEe77bMPh00099fc9@mc5-f32.hotmail.com> Queued mail for delivery
U can know more 'bout this by juz. giving a quick search on google... or El-Half's Email Forge page if u donno...
I've used DNSLookup 'n found similar servers of yahoo and rediffmail
(ie. mx1.mail.yahoo.com and mail3.rediffmail.com)
But the above method doesn't work for yahoo or rediff...
On Yahoo i tried ..
telnet mx2.mail.yahoo.com 25
220 YSmtp mta205.mail.scd.yahoo.com ESMTP service ready
HELO
250 mta205.mail.scd.yahoo.com
mail from : me@yahoo.com
501 Syntax error in parameters or arguments
What could be the problem ??
Is it becoz yahoo and rediff servers configured in a slightyly different manner ??
Does anybody know how u could actually do it on yahoo or rediff ??
I'm actually afraid whether I'm gonna get negged 4 starting this thread. Nowadays I've seen so much of neggin' in forums, most of them which I see less reason ( maybe they juz. neg some newbies to banlance their APs). Anywayz... I'm expecting your help. Thanx.
Cheers.
-
April 27th, 2004, 02:09 PM
#2
You've made a typo, it's mail from: not mail from : (note the space between from and the collon). That's what the error "501 Syntax error in parameters or arguments" is telling you.
This has nothing to do with open relays. You're actually delivering email destined for hotmail (the TO: address) to the correct mailserver.
See RFC-2822 for the correct fields.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
April 27th, 2004, 02:54 PM
#3
Junior Member
Dice is right. If in your example you had specified a RCPT TO: of an address at another network that Hotmail isn't a handler for and it delivered it, then it would be what most consider an open relay. In your example it accepted mail for delivery to what it thinks it one of it's own users (somebody@hotmail.com), as it should have. The "spoof" of the address you used is no different than if you had changed the "From:" line in any given mail client and sent a message to "somebody@hotmail.com" as you normally would.
-
April 27th, 2004, 07:39 PM
#4
you notice a space between the 0 and the colen but not the third octect in the ip addy being '355'.? and that server name does not exist.
this is not an example of something that worked because it wouldn't....not today. not in a long time. you have to have an account on a mail server unless its misconfigured and i seriously doubt you'd find this condition on hot mail. Servers come with default setting that dont allow this. someone would have to go out of their way to allow an open relay.
Telnet used to be a standard way of checking and sending mail its not a hackers 'trick'. and will still work on regular smtp/pop servers if you have an account or someone screwed up and made it an open relay.
and why would you want to use telnet. once you find an open relay you can configure your normal email client to use it. give your letter format and make it look believable.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
April 27th, 2004, 08:21 PM
#5
Wait.. call me stupid but this has nothing to do with relaying (like dice said) but has more to do with sending anonymous email. The only way it has to do with relaying is that if the SMTP server your trying to get on with doesn't have authentication. Other than that, what your talking about is anonymous email sending. And like tedob said, it's doubtful that it would work especially in today's time. That goes back to open relaying, in the sense that you need a server that doesn't have any authentication on it, and most do.
-
April 28th, 2004, 07:07 AM
#6
Member
Hello,
Thanx for ur responses .
Some Clarifications ...
Sir Dice wrote:
You've made a typo, it's mail from: not mail from : (note the space between from and the collon).
Sir Dice, I've tried mail from: ... This too does not work with yahoo.. Thanx for the RFC's
Stugein wrote:
The "spoof" of the address you used is no different than if you had changed the "From:" line in any given mail client and sent a message to "somebody@hotmail.com" as you normally would.
Stugein, by spoffing, one can not only change the from name field but also the from email address.( u can also use an email address which does not exist )
Tedob1 wrote: you have to have an account on a mail server unless its misconfigured and i seriously doubt you'd find this condition on hot mail
Tedob, I've tried this on hotmail today, I works pretty well.
Spyder32 wrote: The only way it has to do with relaying is that if the SMTP server your trying to get on with doesn't have authentication. Other than that, what your talking about is anonymous email sending. And like tedob said, it's doubtful that it would work especially in today's time. That goes back to open relaying, in the sense that you need a server that doesn't have any authentication on it, and most do
Spydy, I think u are right... Yahoo uses an authentication method so that anonymous mails cannot be sent... But in hotmail, we can still do so(*But such anonymous email headers will contain the ip of the sending system)...
Cheers.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|