Spoofing emails

[tadaka at gmail.com (Jason Wood)]

My personal favorite was when I used an email function in my employers
web app to send an email from bgates at microsoft.com to our unix admins.
 Watching their reaction in irc was hilarious.  One of them was so mad
when I confessed to it that he wouldn't speak to me for the rest if
the day.

I'm digging our story time.  Anyone else have fun ones to share?


On Thursday, May 14, 2009, Robin Wood <dninja at gmail.com> wrote:
> 2009/5/14 Jim Halfpenny <jim.halfpenny at gmail.com>:
> > 2009/5/14 Noah <1giglimit at gmail.com>
> > > If it is an SMTP Server that is accepting outgoing mail without
> > > authentication, and you are sending from a domain that it accepts,
> > >
> > > Isn't it possible to just use an e-mail client, say Outlook Express, and
> > > change the Reply Address?
> > >
> > > - Noah
> >
> > Quite right. That's how I used to spoof emails in the days of way back
> > (1995) when University mail relays were wonderfully permissive. Never
> > underestimate the amount of trust that end users put into the From: field;
> > I've seen people believe the most unlikely of stories because of who an
> > email purported to be from.
>
> It was always fun at uni to send friends message from the system
> admins saying they had been caught hacking and they were going to be
> investigated and their accounts suspended.
>
> Robin
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com