# Is this an anonymous mail?



## esumitkumar (Dec 30, 2004)

I'm getting this from ar.testing@rediffmail.com

"test" as subject line

and in the To field nothing is written

IP address is always the same !!! 198.65.102.33


*CAN U SEND email to ur friend from ur other friend's id without accessing his mailbox??*




X-Apparently-To: blah blah @yahoo.com via 216.136.224.241; Wed, 29 Dec 2004 21:08:20 -0800 
Authentication-Results: mta259.mail.scd.yahoo.com from=rediffmail.com; domainkeys=neutral (no sig) 
X-Originating-IP: 198.65.102.33 
Return-Path: <ar.testing@rediffmail.com> 
Received: from *198.65.102.33* (EHLO linux11394.dn.net) (198.65.102.33) by mta259.mail.scd.yahoo.com with SMTP; Wed, 29 Dec 2004 21:08:19 -0800 
Received: from linux11394.dn.net (localhost [127.0.0.1]) by linux11394.dn.net (8.12.10/8.12.10) with ESMTP id iBU54rE1015711; Thu, 30 Dec 2004 00:04:53 -0500 
Received: (from nobody@localhost) by linux11394.dn.net (8.12.10/8.12.10/Submit) id iBU54rRp015708; Thu, 30 Dec 2004 00:04:53 -0500 
Date: Thu, 30 Dec 2004 00:04:53 -0500 
Message-Id: <200412300504.iBU54rRp015708@linux11394.dn.net> 
X-Authentication-Warning: linux11394.dn.net: nobody set sender to ar.testing@rediffmail.com using -f 
To:  
From: ar.testing@rediffmail.com
Subject: test  
X-Mailer: PHP3 
Content-type: text/html; charset=us-ascii  
Content-Transfer-Encoding: 7bit  
Content-Length: 8 


test


----------



## din (Dec 30, 2004)

esumitkumar said:

> im getting this from ar.testing@rediffmail.com
> 
> "test" as subject line
> 
> ...



Very easy! Any of the web programming languages (PHP / Perl / ASP) will do it. This is not hacking, just the mail functions in the languages. Also you can check the header, and by checking it thoroughly you can understand whether it's from the real id or not.



----------
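The header check din describes, run over the headers from the first post, as an added example that is not part of the original thread. The function name `spoof_indicators` is hypothetical; note that the EHLO name is whatever the connecting host announced, while the line carrying it is written by the recipient's own server.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Headers copied from the first post in this thread (recipient lines left out).
RAW = """\
Authentication-Results: mta259.mail.scd.yahoo.com from=rediffmail.com; domainkeys=neutral (no sig)
Received: from 198.65.102.33 (EHLO linux11394.dn.net) (198.65.102.33) by mta259.mail.scd.yahoo.com with SMTP; Wed, 29 Dec 2004 21:08:19 -0800
Received: from linux11394.dn.net (localhost [127.0.0.1]) by linux11394.dn.net (8.12.10/8.12.10) with ESMTP id iBU54rE1015711; Thu, 30 Dec 2004 00:04:53 -0500
Received: (from nobody@localhost) by linux11394.dn.net (8.12.10/8.12.10/Submit) id iBU54rRp015708; Thu, 30 Dec 2004 00:04:53 -0500
X-Authentication-Warning: linux11394.dn.net: nobody set sender to ar.testing@rediffmail.com using -f
From: ar.testing@rediffmail.com
Subject: test
X-Mailer: PHP3

test
"""

def spoof_indicators(raw):
    """Return the reasons the From address of a raw message should not be trusted."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    received = msg.get_all("Received", [])
    reasons = []
    # 1. The topmost Received line is added by the recipient's own MTA;
    #    anything below it is supplied by the sending side.
    m = re.search(r"\((?:EHLO|HELO) ([^)\s]+)\)", received[0] if received else "")
    if m:
        helo = m.group(1).lower()
        if helo != from_domain and not helo.endswith("." + from_domain):
            reasons.append(f"handed over by {helo}, not a {from_domain} host")
    # 2. Sendmail notes when a local account overrides the envelope sender.
    m = re.search(r"(\S+) set sender to (\S+) using -f",
                  msg.get("X-Authentication-Warning", ""))
    if m:
        reasons.append(f"local user '{m.group(1)}' set sender to {m.group(2)}")
    # 3. No passing signature from the claimed domain.
    if not re.search(r"\b(domainkeys|dkim)=pass\b",
                     msg.get("Authentication-Results", "")):
        reasons.append("no passing domain signature")
    # 4. The oldest hop is a local submission on the sending host.
    if received and "@localhost" in received[-1]:
        reasons.append("submitted locally on the sending host")
    return reasons

if __name__ == "__main__":
    for reason in spoof_indicators(RAW):
        print("-", reason)
```
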



## digen (Dec 30, 2004)

A simple whois query on the mentioned IP led me to ...

198.65.102.33  = [ mail.naukri.com ] 
  network: Class-Name: network 
  network: Auth-Area: 198.65.96.0/19 
  network: ID: NETBLK-W061-198-065-096.127.0.0.1/32 
  network: Handle: NETBLK-W061-198-065-096 
  network: Network-Name: W061-198-065-096 
  network: IP-Network: 198.65.96.0/19 
  network: In-Addr-Server;I: NS931-HST12700132 
  network: In-Addr-Server;I: NS1829-HST12700132 
  network: In-Addr-Server;I: NS4208-HST12700132 
  network: IP-Network-Block: 198.65.96.0 - 198.65.127.255 
  network: Org-Name: Verio Advanced Hosting - Dulles 
  network: Street-Address: 22451 Shaw Rd 
  network: City: Sterling 
  network: State: VA 
  network: Postal-Code: 20166 
  network: Country-Code: US 
  network: Tech-Contact;I: IA17312-VRIO.127.0.0.1/32 
  network: Created: 2003-03-28 18: 00: 2600 
  network: Updated: 2003-03-28 18: 00: 2600 

The mail server mail.naukri.com doesn't support mail relaying, so it isn't possible for someone to send you anon mail at least. So that rules out the possibility of someone sending you anonymous email.
But there are certain things which have sort of confused me; the daemon banner that I received was something like:
linux11452.dn.net ESMTP Sendmail 8.13.0/8.11.6

But your email headers indicate something else. Did I miss the point somewhere?


----------



## GNUrag (Dec 30, 2004)

I just sent an anonymous mail to myself, without knowing or writing a perl/php program. 

Just use *nslookup* to find the domain's mail exchanger... then telnet to its port 25 and compose your mail there...


[image: img.photobucket.com/albums/v606/anurag/digit/anonmail1.gif]

Notice... I sent a mail to myself... so just as I closed the connection with the mail exchanger... I received a message that I received a new mail... which was the fake mail that I sent....


----------



## club_pranay (Dec 30, 2004)

@GNUrag   .....but.... how exactly do u do that? i remember my frnd mailed me from admin@msn.com!! i mean that's not truly legal.


----------



## esumitkumar (Dec 31, 2004)

*hi so can we send mail from like that???*

From : billgates@microsoft.com

to 

To : raabo@digit.com

U have been recruited in microsoft (HAHA   ) 


by using linux console or squirrel mail on linux???


----------



## digen (Dec 31, 2004)

Nope. Having a Linux console and the mail exchange server addresses simply doesn't constitute sending an anonymous email.

For sending an anonymous email the mail server should have mail relaying enabled.
Most of the email servers have mail relaying blocked simply because it's becoming an underground home for spammers who forge email to thousands by taking advantage of open relay servers.

Oh btw, anon email can be sent through Windows too. Telnet to the rescue..
Sending anon email is illegal so just be careful of what you are doing.


----------



## GNUrag (Dec 31, 2004)

esumitkumar said:

> hi so can we send mail from like that???
> From : billgates@microsoft.com
> to
> To : raabo@digit.com



The domain *digit.com* does not have any mail exchanger defined.

[image: img.photobucket.com/albums/v606/anurag/digit/digit_mx.jpg]

Anyways, let's assume that I'm sending a mail to *anurag[AT]gnu.org.in* from a non-existent email billgates@microsoft.com, then here is what I do.

Note, the commands in bold are what I am supposed to type. This process includes the detection of the mail exchange server, telnetting into its SMTP port and typing the mail ....



> anurag@hbcse:~/cvs-web$ *nslookup*
> Note:  nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead.  Run nslookup with
> the `-sil[ent]' option to prevent this message from appearing.
> ...



I have scrambled my email address to prevent spamming. Just replace [AT] with @
And here is the email that I got that my friend Bill Gates sent to me.
[image: img.photobucket.com/albums/v606/anurag/digit/billgates_mail.jpg]

Some short answer questions.

Q 1) How does one learn to do this ? 
Ans ) Read the documentation of *Sendmail, Postfix* and the RFC paper on SMTP protocol.

Q 2) Is this illegal to do?
Ans ) Nope. This is not illegal. This is how all the email servers deliver emails around the world. Only difference is that here a human is issuing SMTP commands.

Q 3) Is it possible without access to Unix/Linux box ?
Ans) It can be done in Windows also. Windows XP ships with *nslookup* utility. I believe so. Can someone confirm this ?


----------



## GNUrag (Dec 31, 2004)

digen verma said:

> Nope. Having a Linux console and the mail exchange server addresses simply doesn't constitute sending an anonymous email.


But having an access to a remote and anonymous Unix/Linux shell account with permissions to use the nslookup/dig utility constitutes a good anonymous email.


digen verma said:

> For sending an anonymous email the mail server should have mail relaying enabled.


What do you think *Direct-To-MX* emailing means ? Here email relaying/forwarding is not required at all.. And if a host is configured to reject mails directed to it, then why was it installed in the first place ???


digen verma said:

> Most of the email servers have mail relaying blocked simply because it's becoming an underground home for spammers who forge email to thousands by taking advantage of open relay servers.


You cannot prevent Direct-to-MX emailing... Open relay servers are a different story....


----------



## digen (Dec 31, 2004)

> Q 2) Is this illegal to do?
> Ans ) Nope. This is not illegal. This is how all the email servers deliver emails around the world. Only difference is that here a human is issuing SMTP commands.


In a different case, I may be wrong here, but isn't sending anonymous email by taking advantage of open relays illegal?



> Q 3) Is it possible without access to Unix/Linux box ?
> Ans) It can be done in Windows also. Windows XP ships with nslookup utility. I believe so. Can someone confirm this ?



Not a single version of Windows has nslookup. But then there are some third party applications such as nslookup for Windows and Samspade which can do the job.



> What do you think  Direct-To-MX emailing means ? Here email relaying/forwarding is not required at all.. And if a host is configured to reject mails directed to it, then why was it installed in the first place ???
> You cannot prevent Direct-to-MX emailing... Open relay servers are a different story....


I guess I totally overlooked this case. Sorry, my bad.


----------



## GNUrag (Dec 31, 2004)

digen verma said:

> In a different case, I maybe wrong here but doesnt sending anonymous email by taking advantage of open relays illegal?


But it still is a wrong thing. It cannot be illegal, because according to the SMTP's and other protocols' specifications, open relay is perfectly normal behaviour.

In fact, back in the older days of the internet, when everyone used Unix, every email server used to relay/forward emails for everyone, and all email servers used to be Open Relay Servers. At that time the internet was closed and hence there were no chances of spamming.


----------



## digen (Dec 31, 2004)

> But it still is wrong thing. It cannot be illegal, because according to the SMTP's and other protocol's specifications, open relay is perfectly normal behaviour.



Oh cool. I need to read those RFCs to get the facts straight then.



> In fact, back in the older days of internet, when everyone used Unix, then Every email server used to relay/forward emails for everyone, and all email servers used to be Open Relay Servers. At that time internet was closed and hence there were no chances of spamming.



Yup, I've read about that. Since there were very few ppl using it then, mail relaying was the only way of getting the email across to the destination.
Thanks man for clearing my doubts.


----------



## tuXian (Jan 1, 2005)

Try using Fastmail (www.fastmail.fm) and then in the mail options select the Personalities option. Here's what's written there:

" You can use this screen to define 'Personalities'. A personality allows you to send email and make it appear to come from a different 'From' address."

It's very easy cuz only a couple of textboxes need to be filled and then you too can send email from bill gates email id.


----------



## esumitkumar (Jan 1, 2005)

Ultimate Tuxian

Thanks a Ton buddy...........................  

U r really Genius !!!!!!!!

Thanks to all the other members for sharing of their knowledge 

HAPPY NEW YEAR from me !!!


----------



## Scorpion (Jan 2, 2005)

*Yeah! Windows has nslookup*

Yeah! Windows Xp Pro ver. 2002 has nslookup in it.

But mine keeps crashing at the rcpt prompt or may be the provider stopped me.

Any other better devices?


----------



## cheetah (Jan 2, 2005)

*localhost*

Hello.

I have seen the address "mta259.mail.scd.yahoo.com" in most of the anonymous mailing softwares. I have tried it many a time, but I think this server does not allow unauthenticated mail relay.

Maybe this person is using local SMTP servers and in originating server he has used "mta259.mail.scd.yahoo.com". Most mail bombers allow the originating server to be filled manually.

Also I agree with GNURAG that most of the servers these days are closed. And the servers which allow fake mails put their site's address at the end of every mail and do not allow more than 2-3 mails per address, so there's no chance of spamming.

That person is using local SMTP. I also have a local SMTP server and have sent plenty of fake mails. If u want to have a fake mail please tell me and I will show you how easy it is.


----------

