How to Forge E-mail =================== -note: some mail servers won't let you send outside their mail domain and some won't let you send from an address outside their domain (relevant to spammers) -how to find a mail server? 1. guess mail. (eg. mail.google.com) 2. check the headers in your e-mails 3. use nslookup ==== Example: use nslookup to get the mail servers for mit.edu athena% nslookup > set type=mx > mit.edu Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: mit.edu mail exchanger = 100 M24-004-BARRACUDA-1.mit.edu. mit.edu mail exchanger = 100 M24-004-BARRACUDA-2.mit.edu. mit.edu mail exchanger = 100 M24-004-BARRACUDA-3.mit.edu. mit.edu mail exchanger = 100 W92-130-BARRACUDA-1.mit.edu. mit.edu mail exchanger = 100 W92-130-BARRACUDA-2.mit.edu. mit.edu mail exchanger = 100 W92-130-BARRACUDA-3.mit.edu. Authoritative answers can be found from: mit.edu nameserver = STRAWB.mit.edu. mit.edu nameserver = BITSY.mit.edu. mit.edu nameserver = W20NS.mit.edu. M24-004-BARRACUDA-1.mit.edu internet address = 18.7.7.111 M24-004-BARRACUDA-2.mit.edu internet address = 18.7.7.112 M24-004-BARRACUDA-3.mit.edu internet address = 18.7.7.114 W92-130-BARRACUDA-1.mit.edu internet address = 18.7.21.220 W92-130-BARRACUDA-2.mit.edu internet address = 18.7.21.223 W92-130-BARRACUDA-3.mit.edu internet address = 18.7.21.224 BITSY.mit.edu internet address = 18.72.0.3 W20NS.mit.edu internet address = 18.70.0.160 STRAWB.mit.edu internet address = 18.71.0.151 ==== Examples: connecting to a mail server from the command line. Note: the number after the mail server, 25 in this case, is the port we're connecting to. The convention is that SMTP, our mail protocol, uses 25. To see more port conventions, look at /etc/services. telnet outgoing.mit.edu 25 telnet biscayne-one-station.mit.edu 25 telnet M24-004-BARRACUDA-1.mit.edu 25 telnet aspmx.l.google.com 25 ==== Once on the mail server, how to compose an e-mail: 1. helo foo.domain eg. helo jesstess.mit.edu or helo foobar.google.com 2. mail from 3. rcpt to jesstess@mit.edu 4. data (now enter body) 5. Subject: your subject (then press enter twice) 6. (body info, followed by . on line by itself) === Example transcript of a full session: jessica-mckellars-macbook:~ jesstess$ telnet aspmx.l.google.com 25 Trying 74.125.45.114... Connected to aspmx.l.google.com. Escape character is '^]'. 220 mx.google.com ESMTP 9si23343407yxs.35 helo jesstess.google.com 250 mx.google.com at your service 555 5.5.2 Syntax error. 9si23343407yxs.35 mail from: 250 2.1.0 OK 9si23343407yxs.35 rcpt to: 250 2.1.5 OK 9si23343407yxs.35 data 354 Go ahead 9si23343407yxs.35 From: "OBAMA" Subject: TESTING hihihihi . 250 2.0.0 OK 1232863407 9si23343407yxs.35