Results 1 to 4 of 4

Thread: Is spoofing email possible through isp server?

  1. #1
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    2

    Default Is spoofing email possible through isp server?

    Was following pureh@te's tutorial on the adobe .pdf exploit here but had trouble with sendEmail part

    I would write out an email and it would say that it was sent successfully, but yet it would never make it to the target in-box. I made sure to start the sendmail daemon. Didn't work. Then i tried to go through the gmail SMTP server with user-name and password. But nothing seemed to work.

    I think it's because the email is bouncing off a open relay it is getting filtered as spam? but i'm not sure.

    I am going bout this the wrong way? or is simply not an option to send emails this way without being considered spam?

    thanks

    quick side-note: the rest of the tutorial worked like a charm, just want to say thx to pureh@te for the bitchin tut

  2. #2
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default Re: Is spoofing email possible through isp server?

    You shouldn't be doing that. If it's not explicitly mentioned in your ToS, most ISP's rule against sending emails from just anywhere. You should be setting up your own simple mail server locally (it's not hard) and retrieving it that way.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Member
    Join Date
    Feb 2010
    Location
    MTI3LjAuMC4x
    Posts
    90

    Default Re: Is spoofing email possible through isp server?

    also to point out that sending exploits to large senders isnt the best practice for a few reasons, 1. you might be violating the ToS with the "free email" service

    2. they could be scanning and blocking things which breaks your testing

    its best as pointed out to install a relay server in your LAN behind your DSL/CABLE firewall then just send from the customer IP address.

    note that most "real mail domains" will block ISP customer IP address for email.. since you cant make the reverse DNS correct for the MX record. but again its testing and just try and see, you should be able to send somewhere... or if you want to test for sure... just set up a internal lab and send from one fake domain to the other on your LAN then you will have a 100% proof of concept working.

    you can hack up backtrack to also be a mail server just a quick google on "sendmail quick how to" links you here Linux Home Server HOWTO - Sendmail Server you mileage may vary.

  4. #4
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default Re: Is spoofing email possible through isp server?

    Quote Originally Posted by spudgunman View Post
    also to point out that sending exploits to large senders isnt the best practice for a few reasons, 1. you might be violating the ToS with the "free email" service

    2. they could be scanning and blocking things which breaks your testing

    its best as pointed out to install a relay server in your LAN behind your DSL/CABLE firewall then just send from the customer IP address.

    note that most "real mail domains" will block ISP customer IP address for email.. since you cant make the reverse DNS correct for the MX record. but again its testing and just try and see, you should be able to send somewhere... or if you want to test for sure... just set up a internal lab and send from one fake domain to the other on your LAN then you will have a 100% proof of concept working.

    you can hack up backtrack to also be a mail server just a quick google on "sendmail quick how to" links you here Linux Home Server HOWTO - Sendmail Server you mileage may vary.
    I also suspect that certain large ISP's are doing filtering of certain kinds of traffic. I don't have any hard evidence to this, just a suspicion based upon my IDS logs of late.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Similar Threads

  1. Selective dns spoofing / html injection
    By vvpalin in forum Beginners Forum
    Replies: 3
    Last Post: 01-09-2011, 11:19 PM
  2. Replies: 0
    Last Post: 02-11-2010, 02:06 AM
  3. Test Server?
    By gn0xter in forum Beginners Forum
    Replies: 5
    Last Post: 02-08-2010, 10:21 PM
  4. Metasploit Framework - Server Started - No Server Started
    By mcurran in forum Beginners Forum
    Replies: 1
    Last Post: 02-07-2010, 01:11 AM
  5. X server start
    By generaluser123 in forum Beginners Forum
    Replies: 1
    Last Post: 01-20-2010, 03:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •