Social Engineering Toolkit - problem with spoofing the originator
I've been using SET in order to preform an email attack with a spoofed originator.
What option do you want to use?
1. Use a GMAIL Account for your email attack.
2. Use your own server or open relay
Enter your choice: 2
Enter the email address you want to come from (ex: email@example.com
(535, '5.7.0 authentication failed')
SET has finished deliverying the emails.
To cut a long story short, I got a mail of my email provider saying my email was rejected. They also added a list of possible causes:
1. Use of a dynamic IP address for E-Mail dispatch:
WEB.DE does not accept any E-Mail on its incoming mail servers originating from dynamic IP addresses. Instead, use your provider's designated SMTP Server.
2. Use of an IP address without a reverse DNS entry for E-Mail dispatch:
WEB.DE does not accept any E-Mail on its incoming mail servers originating from IP numbers without a resolvable DNS entry. Update your DNS zone files and afterwards contact us to re-evaluate your IP number(s).
3. HELO with spam pattern
A complete and plausible HELO/EHLO as described in RFC 2821 must be sent.
4. Operation of an open relay:
Your server has been identified to be an open relay. To avoid further spreading of Spam E-Mail routed through your server, we will not accept any mail originating from your server. Please fix all security flaws within your system before contacting us to re-evaluate your IP number(s).
5. Automatic identification of a server as a Spam mail server:
According to our frequency measurement, your server has been identified as a Spam mail server. This might point to a virus contamination concerning your system or the clients using the system for dispatch. This automatic evaluation might be erroneous due to large amounts of E-Mails being sent out (e.g. dispatch of newsletters etc.) by your server? please investigate within your system to that effect. Generally this rejection persists only for a temporary amount of time; however, if problems concerning E-Mail dispatch consist, please contact us for further investigation.
6. Manual identification of a server as a Spam mail server:
You server has been manually evaluated by our Anti-Spam Team and has been identified to be a Spam mail server. This rejection is permanent and will not be revoked.
I think point 1,2 and/or 4 could be the cause.
Do you have any idea how to fix this?
Configuring sendmail to use my domain name (implying I already got one) instead of my dynamic ip would fix point 1, wouldn't it?