what's up with that??? DID THE SPAMMERS HAX0R MY SHIT???

8/18/2005 8:33:05 AM

If only you knew how trivial it is to spoof an email address.

8/18/2005 8:41:56 AM

mail from:smath@whereever.com
rcpt to:12342398hf30f308gh30df@whereever.com
data
subject: roflcopter
pance!
.

8/18/2005 8:47:25 AM

^ Isn't that relaying?

I thought most ISPs stopped supporting that already.

8/18/2005 3:23:28 PM

replaying is when a mail server accepts email bound for a domain that is not its own, retags it, and sends it out to the internet.

for example.

lets say somedomain.com has a mail router (mx1.somedomain.com)

i send it an email with the fake from address shaggy@h4x0rdomain.com
to the valid address gargs@domainb.com

mx1.somedomain.com gets the email b/c i sent it directly to the router.
if relaying is enabled (bad) it repackages the email as from mx1.somedomain.com and sends it to gargs@domainb.com through the proper domainb.com mail router. In this example mx1.somedomain.com is an open relay and results in lots of spam going thru it.

If relaying is disabled(good) mx1.somedomain.com realizes that gargs@domainb.com belongs to domainb.com and not somedomain.com and rejects/blackholes the email.


If i sent the email in my above post (the smath@wherever.com) to the mail router that belongs to wherever.com it would properly accept the mail.

The reason its a fun email is that as soon as whereever.com realizes that the username "12342398hf30f308gh30df" is invalid, it will send a delivery failure message back to smath@whereever.com.

Thus spamming smath's mailbox with delivery failures for messages he never actually sent.


Of course the way to fix this is to reject all email from your domain if it comes from outside your domain.

8/18/2005 3:40:57 PM

yea

I doubt your trick would work.

I know NCSU's SMTP servers don't allow email from out side their own domain.

Neither do TWC's.

I used to be able to do the Telnet 25 trick like in 1995...then everyone got intelligent.

8/18/2005 4:23:36 PM