How to Send Fake Mail Using SMTP Servers
Overview
SMTP is the protocol by which Internet mail is sent. SMTP servers
use this protocol to communicate with other servers or mail clients.
However, by telnetting directly to a mail server and manually speaking
SMTP, one can easily send mail from any address specified, meaning
that mail can be sent from fake addresses while the sender's real
address is untraceable.
RFC 821
SIMPLE MAIL TRANSFER PROTOCOL (SMTP)
Jonathan B. Postel
August 1982
The objective of Simple Mail Transfer Protocol (SMTP) is to transfer
mail reliably and efficiently.
What do I need?
All that you need is a generic telnet client. Local echo should
be turned on so you can see what you type. Also, it is important
to note that SMTP servers do not handle backspaces, so you must
type everything correctly.
How do I Start?
Telnet to port 25 of your target SMTP server (more on SMTP server
selection below). The server should respond with a generic welcome
message. You will type HELO domain.name. Use any domain name you
wish, as most servers do not check the name against the IP you are
telnetting from. Type MAIL FROM: <from@wherever.com>. This
is where the message will appear to be from. Next, type RCPT TO:
<to@wherever.com>. This specifies who will receive the message.
Type DATA and type the body of your message. To send the message,
enter a line with only a period. Type QUIT to disconnect.
Sample Session - lines that begin with a three-digit code are server replies; everything else is user input:
220 OK
HELO faker.com
250 Hello faker.com (faker.com), pleased to meet you
MAIL FROM:<satan@hell.org>
250 <satan@hell.org>... Sender ok
RCPT TO:<info@astalavista.com>
250 <info@astalavista.com>... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
from:satan
subject:Lamer
This is the body of my message.
.
250 Mail accepted
QUIT
221 OK
Note
When the SMTP server is using q-mail (find out by typing HELP when
connected), you have to type the charset and MIME info:
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Can my mail be traced?
Yes, this is traceable by any sysadmin ... don't harass people this
way.
If the person receiving the mail uses a mail reader like elm, he/she
will not see the telltale fake message warning "Apparently-To:(name)",
and even if they do see it, most people wouldn't know what it means
anyway. Make sure you use a four-part address somebody@part1.pt2.pt3.pt4
so as to make it look more believable and cover any add-ons the
mail routine might try. Put a realistic mail header in the mail
message to throw people off even more. If there are To: and Date:
lines then the program probably won't add them on.
Also try to telnet to the site where the recipient has his account.
This works better if you know how to fool it.
What SMTP servers can I use?
An easy (but hit-or-miss) way to find random SMTP servers is to look
at web addresses on Yahoo! or another search engine. Universities
and government agencies are always good choices. Find a URL and telnet
to port 25. If you get a response, you have located an available server.
95% of servers will accept your mail. The others will not allow external
mail forwarding for security reasons. Always test the server first.
What about message subjects?
The subject, date, to, etc. are part of the DATA area. After the
DATA command, start with date and continue in the fashion illustrated
by the example code below. Make sure there are no mistakes, because
the first mistake will cause the data to appear in the body of the
message, not the header. This is interesting because these fields take
precedence over the MAIL FROM: and RCPT TO: when displaying. A message
can be routed to a person even though the message itself appears
to be addressed to someone else. The key is to type VERY carefully.
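Seen from the receiving side, the gap described above between the envelope (HELO, MAIL FROM) and the displayed header fields is what a sysadmin checks when tracing such mail. The following is an added example, not part of the original text: it assumes the receiving server stores the MAIL FROM value in Return-Path and writes a sendmail/Postfix-style Received line with an IPv4 peer address; the sample message, the host names other than those in the session above, and the helper names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a message like the one in the session above, as the
# receiving server might store it. Return-Path (the MAIL FROM value) and
# Received are written by the receiving server, not by the sender. The
# From: address, peer host name and IP are made-up documentation values.
SAMPLE = """\
Return-Path: <satan@hell.org>
Received: from faker.com (dialup-17.isp.example [192.0.2.17])
\tby mx.recipient.example with SMTP; Mon, 1 Jan 2001 12:00:00 +0000
From: Accounts <accounts@example.org>
Subject: Lamer

This is the body of my message.
"""

# Assumed Received layout: from <HELO name> (<reverse DNS name> [<IPv4>])
RECEIVED = re.compile(r"from (\S+) \((\S+)? ?\[([\d.]+)\]\)")

def domain(value):
    """Domain part of an address header, or '' if there is none."""
    return parseaddr(value or "")[1].partition("@")[2].lower()

def audit(raw):
    """Return a list of findings for one stored message (hypothetical helper)."""
    msg = message_from_string(raw)
    findings = []
    # Check 1: the displayed From: versus the envelope sender.
    env, shown = domain(msg["Return-Path"]), domain(msg["From"])
    if env and shown and env != shown:
        findings.append(f"From: domain {shown} != envelope sender domain {env}")
    # Check 2: the name given in HELO versus the host that actually connected.
    hops = msg.get_all("Received", [])
    if hops:
        # The topmost Received line is the one our own server added.
        m = RECEIVED.search(" ".join(hops[0].split()))
        if m:
            helo, rdns, ip = m.group(1).lower(), (m.group(2) or "").lower(), m.group(3)
            if rdns != helo and not rdns.endswith("." + helo):
                findings.append(f"HELO {helo} does not match peer {rdns or 'unknown'} [{ip}]")
    return findings

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```

Mailing lists and forwarding services also produce an envelope/header mismatch, so each finding is a signal to look at the Received chain, not a verdict.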