Smath74 All American 93278 Posts user info edit post |
what's up with that??? DID THE SPAMMERS HAX0R MY SHIT??? 8/18/2005 8:33:05 AM |
BobbyDigital Thots and Prayers 41777 Posts user info edit post |
If only you knew how trivial it is to spoof an email address. 8/18/2005 8:41:56 AM |
Shaggy All American 17820 Posts user info edit post |
mail from:smath@whereever.com rcpt to:12342398hf30f308gh30df@whereever.com data subject: roflcopter pance! . 8/18/2005 8:47:25 AM |
esgargs Suspended 97470 Posts user info edit post |
^ Isn't that relaying?
I thought most ISPs stopped supporting that already. 8/18/2005 3:23:28 PM |
Shaggy All American 17820 Posts user info edit post |
replaying is when a mail server accepts email bound for a domain that is not its own, retags it, and sends it out to the internet.
for example.
lets say somedomain.com has a mail router (mx1.somedomain.com)
i send it an email with the fake from address shaggy@h4x0rdomain.com to the valid address gargs@domainb.com
mx1.somedomain.com gets the email b/c i sent it directly to the router. if relaying is enabled (bad) it repackages the email as from mx1.somedomain.com and sends it to gargs@domainb.com through the proper domainb.com mail router. In this example mx1.somedomain.com is an open relay and results in lots of spam going thru it.
If relaying is disabled(good) mx1.somedomain.com realizes that gargs@domainb.com belongs to domainb.com and not somedomain.com and rejects/blackholes the email.
If i sent the email in my above post (the smath@wherever.com) to the mail router that belongs to wherever.com it would properly accept the mail.
The reason its a fun email is that as soon as whereever.com realizes that the username "12342398hf30f308gh30df" is invalid, it will send a delivery failure message back to smath@whereever.com.
Thus spamming smath's mailbox with delivery failures for messages he never actually sent.
Of course the way to fix this is to reject all email from your domain if it comes from outside your domain. 8/18/2005 3:40:57 PM |
esgargs Suspended 97470 Posts user info edit post |
yea
I doubt your trick would work.
I know NCSU's SMTP servers don't allow email from out side their own domain.
Neither do TWC's.
I used to be able to do the Telnet 25 trick like in 1995...then everyone got intelligent. 8/18/2005 4:23:36 PM |