2
1
I read that you can connect to an SMTP server (like gmail, hotmail, etc) via telnet, and manually put in commands to send anonymous email (or even worse, send email with a false "from" address). Is this still possible? (I'm receiving many emails from dubious addresses.)
Diogo
Posted 2011-05-26T14:00:37.903
Reputation: 28 202
7
As Wes said, it's possible, depends of the server's level of security. Below is a classic telnet sequence against a SMTP server :
$ telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 hostname.server.net ESMTP Postfix
EHLO dummydummy
250-hostname.server.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:<fake@email.net>
250 2.1.0 Ok
RCPT TO:<recipient@email.net>
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
test
.
250 2.0.0 Ok: queued as 8ACF13E1B8
QUIT
feub
Posted 2011-05-26T14:00:37.903
Reputation: 186
3
Though historically possible, and permitted by email-related specifications, many modern anti-spam measures will thwart or curtail attempts to do this.
Many SMTP servers check DNS Block Lists before accepting mail and home user IP ranges are often blocked as a matter of policy. Modern SMTP servers frequently also scrutinize the "from" address, checking that the domain is valid, and that the IP address of the sending machine is authorized by that domain to send emails (SPF). Techniques such as greylisting do not outright prevent manually sending mail, but they make the process more onerous by forcing the user to send the same message more than once with a delay in between. Even if the email is accepted by the SMTP server, anti-spam software that analyzes message content will often flag messages with apparently bogus sender information, or that doesn't appear to be sent by normal mail software.
In summary, it's still possible, but it's not easy. The from addresses in your spam are almost certainly fake, but the fakery was probably done with spam-specific software--not manually.
blahdiblah
Posted 2011-05-26T14:00:37.903
Reputation: 3 125
2
Yes, it is still possible. It's fairly easy to deliver mail from a completely bogus sender because SMTP doesn't try to ensure the sender is an actual account or a valid email address, for example. Hence the start of the spam era...
The only thing that has made it harder lately is that you can't connect to just "anywhere" to deliver mail to "anywhere else". IE, you can't connect to microsoft's server and try to send mail to an @apple.com address. Microsoft should now only accept mail for a microsoft recipient. But it'll still accept it from anyone@anywhere.com even if it doesn't exist.
Wes Hardaker
Posted 2011-05-26T14:00:37.903
Reputation: 1 796
One can do pretty much anything with manual smtp, but the problem is that it can be hard to craft a mail that doesn't get detected as spam or that doesn't get rejected. It is also very probable that the server will add your IP in the mail headers. So you would have to do as if you received it from some other server, but such things don't resist any serious analysis. However it's worth noting that, from the SMTP point of view, you can have any adress in the FROM field. – Yves – 2014-09-17T14:28:15.010
The recipient (the address following
– user1686 – 2011-05-26T15:17:50.223FROM:orTO:) must be a valid "reverse-path", between<>and without separating whitespace. (See RFC 5321 § 3.3 and § 4.1.2.) Other forms are only accepted by software for backwards compatibility reasons.