PaulDotCom mailing list archives

Spoofing emails

From: d4ncingd4n at gmail.com (d4ncingd4n at gmail.com)
Date: Thu, 14 May 2009 19:38:56 +0000

I always enjoyed using bmail to send emails from Santa.Claus at northpole.com 

Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: Jason Wood <tadaka at gmail.com>

Date: Thu, 14 May 2009 09:49:44 
To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com>
Subject: Re: [Pauldotcom] Spoofing emails

My personal favorite was when I used an email function in my employers
web app to send an email from bgates at microsoft.com to our unix admins.
 Watching their reaction in irc was hilarious.  One of them was so mad
when I confessed to it that he wouldn't speak to me for the rest if
the day.

I'm digging our story time.  Anyone else have fun ones to share?

On Thursday, May 14, 2009, Robin Wood <dninja at gmail.com> wrote:

2009/5/14 Jim Halfpenny <jim.halfpenny at gmail.com>:



2009/5/14 Noah <1giglimit at gmail.com>


If it is an SMTP Server that is accepting outgoing mail without
authentication, and you are sending from a domain that it accepts,

Isn't it possible to just use an e-mail client, say Outlook Express, and
change the Reply Address?

- Noah


Quite right. That's how I used to spoof emails in the days of way back
(1995) when University mail relays were wonderfully permissive. Never
underestimate the amount of trust that end users put into the From: field;
I've seen people believe the most unlikely of stories because of who an
email purported to be from.


It was always fun at uni to send friends message from the system
admins saying they had been caught hacking and they were going to be
investigated and their accounts suspended.

Robin
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Spoofing emails, (continued)
- - - Spoofing emails Dimitrios Kapsalis (May 11)
    - Spoofing emails Russell Butturini (May 11)
    - Spoofing emails Robin Wood (May 11)
    - Spoofing emails Noah (May 13)
    - Spoofing emails Jason Wood (May 13)
    - Spoofing emails Jim Halfpenny (May 14)
    - Spoofing emails Robin Wood (May 14)
    - Spoofing emails Jason Wood (May 14)
    - Spoofing emails Jim Halfpenny (May 14)
    - Spoofing emails Sam Buhlig (May 14)
    - Spoofing emails d4ncingd4n at gmail.com (May 14)
    - Spoofing emails Jim Halfpenny (May 15)
    - Spoofing emails Jack Daniel (May 15)
  - Spoofing emails natron (May 15)
    - Spoofing emails John Miller (May 15)
    - Spoofing emails natron (May 17)