Hello everyone, I've just recently been the victim of a "fake mail" prank. I found it amusing and at the same time a bit dangerous, so I decided to invest some time in learning more about email spoofing and how far it can really go in tricking someone.
I have found some websites that offer this service for free, so I was curious as to how this worked, and learned a bit about SMTP and mail servers in general. I then tried to implement it myself using BackTrack, but the information I found is either dispersed or out of date. I have encountered some problems, so I would like to ask for some help.
I have tried to make my own computer an SMTP server using "sendmail start" and tried to email from there using "telnet" or "sendEmail", and also tried to use my own ISP's mail server, but as I sent it to my Google Mail it always went to the spam folder. That's when I found out that most mail service providers such as Google Mail reject mail sent from computers or ISP mail addresses.
I could use an open relay, but I also found out that these are rare these days due to the increase in spamming, and that they quickly end up in blacklists.
(I am also aware of the social engineering mass mailer available within BackTrack, which allows you to send mail using Google credentials, but I don't think that's considered anonymous, as your true email appears.)
Besides ending up in the spam folder, I also noticed that whenever I used a fake @gmail.com address Google warned me, due to the lack of authentication. Is there a way that someone could bypass this, or are we safe from "inside threats" for now?
I hope you can share some of your knowledge with me :)
Re: Email spoofing
Hello again, just wanted to share some knowledge. After reading some books and online sources I found out that what most spammers do these days is use free web hosting sites that offer SMTP services; they then use an anonymous mass mailer PHP script to send their emails. As the emails are coming from a non-blacklisted, non-private server, the email service provider doesn't recognize this as spam.
As for the Gmail authentication, it is a very clever system that warns the user when a @gmail sender email is coming from a server other than Gmail. Unfortunately it only authenticates @gmail emails, so any other address isn't recognized as fake.
The best thing to do is to check the headers when you are suspicious of an email, or never click links to websites; go to them through Google, avoiding typos that come from writing manually in the address bar.
Hope this helps =)
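
The header check suggested in the post above can be scripted. The following is an added example, not part of the original posts: the two sample messages are constructed, and `check_headers` and `domain_of` are hypothetical helper names.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample: From: claims gmail.com, but the receiver logged failures.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org;
 spf=softfail smtp.mailfrom=mailer.example.net;
 dkim=none;
 dmarc=fail header.from=gmail.com
From: "Your Friend" <friend@gmail.com>
Subject: hello

body
"""

# Constructed sample: all three checks passed and the domains line up.
LEGIT = """\
Return-Path: <friend@gmail.com>
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=gmail.com;
 dkim=pass header.d=gmail.com;
 dmarc=pass header.from=gmail.com
From: "Your Friend" <friend@gmail.com>
Subject: hello

body
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(str(header_value or ""))[1]
    return addr.rpartition("@")[2].lower()

def check_headers(raw):
    """Return a list of reasons to distrust the visible From: address."""
    msg = email.message_from_string(raw)
    findings = []
    from_dom, rp_dom = domain_of(msg["From"]), domain_of(msg["Return-Path"])
    if rp_dom and rp_dom != from_dom:
        findings.append(f"Return-Path domain {rp_dom} != From domain {from_dom}")
    auth = " ".join(msg.get_all("Authentication-Results", []))
    for method in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{method}=(\w+)", auth)
        result = m.group(1).lower() if m else "missing"
        if result != "pass":
            findings.append(f"{method}={result}")
    return findings
```

Only an `Authentication-Results` header stamped by your own receiving mail server is meaningful, since a sender can put a forged one in the message.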