PaulDotCom mailing list archives

Spoofing emails

From: dninja at gmail.com (Robin Wood)
Date: Thu, 14 May 2009 12:52:55 +0100

2009/5/14 Jim Halfpenny <jim.halfpenny at gmail.com>:



2009/5/14 Noah <1giglimit at gmail.com>


If it is an SMTP Server that is accepting outgoing mail without
authentication, and you are sending from a domain that it accepts,

Isn't it possible to just use an e-mail client, say Outlook Express, and
change the Reply Address?

- Noah


Quite right. That's how I used to spoof emails in the days of way back
(1995) when University mail relays were wonderfully permissive. Never
underestimate the amount of trust that end users put into the From: field;
I've seen people believe the most unlikely of stories because of who an
email purported to be from.


It was always fun at uni to send friends message from the system
admins saying they had been caught hacking and they were going to be
investigated and their accounts suspended.

Robin

Current thread:

Spoofing emails, (continued)
- - - Spoofing emails natron (May 11)
    - Spoofing emails Rob Fuller (May 11)
    - Spoofing emails Robin Wood (May 11)
    - Spoofing emails MV (May 11)
    - Spoofing emails Dimitrios Kapsalis (May 11)
    - Spoofing emails Russell Butturini (May 11)
    - Spoofing emails Robin Wood (May 11)
    - Spoofing emails Noah (May 13)
    - Spoofing emails Jason Wood (May 13)
    - Spoofing emails Jim Halfpenny (May 14)
    - Spoofing emails Robin Wood (May 14)
    - Spoofing emails Jason Wood (May 14)
    - Spoofing emails Jim Halfpenny (May 14)
    - Spoofing emails Sam Buhlig (May 14)
    - Spoofing emails d4ncingd4n at gmail.com (May 14)
    - Spoofing emails Jim Halfpenny (May 15)
    - Spoofing emails Jack Daniel (May 15)
  - Spoofing emails natron (May 15)
    - Spoofing emails John Miller (May 15)
    - Spoofing emails natron (May 17)