By Hunter
---------------------------------------------------------------------------
Overview
SMTP (Simple Mail
Transfer Protocol) is the protocol by which Internet mail
is sent. SMTP servers use this protocol to
communicate with other servers
or mail clients. However, by telneting
directly to a mail server and
manually speaking SMTP, one can easily send
mail from any address specified
- meaning that mail can be sent from fake addresses
while the sender's real
address is untraceable.
What is Needed?
All that you need is a generic telnet client.
Local echo should be turned
on so you can see what you type. Also, it is
important to note that SMTP
servers do not handle backspaces, so you must
type everything correctly.
How do I Start?
Telnet to
port 25 of your target SMTP server (more on SMTP servers
selection below). The server should respond
with a generic welcome message.
You will type HELO domain.name. Use any domain
name you wish as most
servers do not check the name against the IP
you are telneting from. Type
MAIL FROM: . This is where the message will
appear to be
from. Next, type RCPT TO: . This specifies who
will
receive the message. Type DATA and type the
body of your message. To send
the message, enter a line with only a period.
Type QUIT to disconnect.
Sle Session
220 hq.af.mil Sendmail 4.1/Mork-1.0 ready at
Thu, 14 Mar 96 00:26:46 EST
HELO prometheus.com
250 hq.af.mil Hello prometheus.com
(prometheus.com), pleased to meet you
MAIL FROM:
250 ... Sender ok
RCPT TO:
250 ... Recipient ok
DATA
354 Enter mail, end with "." on a
line by itself
This is the body of my message.
.
250 Mail accepted
QUIT
221 hq.af.mil delivering mail
What about message subjects?
The subject, date, to, etc. are part of the
DATA area. After the DATA
command, start with date and continue is the
fashion illustrated by the
exle code below. Make sure there are no
mistakes, because the first
mistake will cause the data to appear in the
body of the message, not
header. It is interesting, because these
fields take precedence over the
MAIL FROM: and RCPT TO: when displaying. A
message can be routed to a
person even though the message itself appears
to be addressed to someone
else. The key is to type VERY carefully.
Exle:
DATA
Date:
23 Oct 81 11:22:33
From:
SMTP@HOSTY.ARPA
To:
JOE@HOSTW.ARPA
Subject:
Mail System Problem
Sorry
JOE, your message to SAM@HOSTZ.ARPA lost.
HOSTZ.ARPA
said this:
.
End Exle
Can my mail be traced?
Yes, the IP address you mailed from can be
traced if you are not careful.
All mail will show a line in the header
listing the IP address that you
originally telneted from. If the person you
are sending mail to doesn't
know much about IP's and the like, you
shouldn't worry too much.
Furthermore, depending on your the nature of
your connection, there are
different implications. For instance, if you
have a direct connection, you
can be easily traced by your IP address. On
the other hand, if you have a
dial-in connection or service such as AOL, you
will not have a defined IP
address. You will be assigned a temporary one.
The only way your mail can
be traced with this type of connection is to
check against the dial in
service's system logs. The take-home message
is that you are safe with this
type of connection unless you do something
really stupid. Finally, the best
case scenario is a public access terminal with
no logging. This type
connection is untraceable.
Author's Note: I have found some servers that
don't log IP. Read No IP SMTP
Server
What SMTP servers can I use?
An easy (but hit-or-miss) way to find random
SMTP servers is to look at web
addresses on Yahoo! or another search engine.
Universities and government
agencies are always good choices. Find a URL
and telnet to port 25. If you
get a response, you have located an available
server. 95% of servers will
accept your mail. The others will not allow
external mail forwarding for
security reasons. Always test the server
first.
OR
Check Hunter's List of Usable SMTP Servers.
All servers on this list have
been tested and will work. A hyptertext
interface makes it easy to use the
servers.
---------------------------------------------------------------------------
Apocalypse 95
Mail to: hunter@wicked.gt.ed.net
Hunter's List of SMTP Servers
By Hunter
---------------------------------------------------------------------------
Note: There is no guarantee that the
administrators of these servers will
be happy if you use the servers. I am only
acknowledging the existence of
these servers. For a server that doesn't st
your IP on the message
header, read No IP SMTP Server
If you have a telnet client set up as a helper
app to your web browser,
simply click on the name of a server to use
the server for direct mail.
Some links may be slow.
---------------------------------------------------------------------------
Apocalypse
95
Mail to: hunter@wicked.gt.ed.net
Mail Servers with No IP Logging
Number of Servers that have updated Sendmail
versions due to my list
---------------------------------------------------------------------------
When I wrote How to Send Fake Mail Using SMTP
Servers, I said that your
messages are traceable by your IP address (it
will always be sted in the
header). Well, slowly, I am finding systems
that don't append your IP to
the message. You can send messages through
this servers, using the
techniques I described in my SMTP fakemail
tutorial, and they are totally
untraceable. If you have a telnet client set
as a helper app to your
broweser, all you have to do is click on the
link below, and you will be
connected to the respective SMTP server.
DO NOT DO ANYTHING REALLY STUPID WITH THESE
SERVERS. If a server was posted
on this list, but isn't now, don't use it!
Don't say that I didn't warn
you.
---------------------------------------------------------------------------
Apocalypse
95
---------------------------------------------------------------------------
How to find your own IP-Less Severs:
Finding your own servers that do not append IP
to message headers is a
relatively easy process if you know what to
look for. There are many SMTP
server programs out there. Sometimes you will
hit an odd system with an
unusual server program that you can test by
hand. However, the easiest way
it to look for the more common ones. By far,
the easiest to look for is a
certain older Sendmail version that many
systems still use. To find it,
connect with a server as usual. Examine the
welcome text. You are looking
for a line that looks like the following:
220 xxxx.xxxx.xxx
Smail3.1.29.1 #15 ready at Mon, 10 Jan 96 12:34 EDT
The important part is the Smail3.1.29.1. If
you find a server with this
number, 3.1.29.1, or another 3.x.x.x number,
you have what you are looking
for.
---------------------------------------------------------------------------
COMMENTS