tags:

views:

38

answers:

2
Q: 

Editing Email Headers

Halo out there!

I was reading an article before that learns you how to expose an email sender..

So this article describes the way that someone can change the email headers (Received) and send you a fake email. E.g He change one received header and makes you believe that this mail comes from halo.com and not from hotmail.com .

My question is how something like this can happen ? I thought something but i don't know if i m right . My thought is about changing these headers with some php script..

Anyway.. If someone knows more things about this subject lets talk to us :) and give us some more info... :)

Thanks a lot!

+1  A: 

From your question, I'm assuming you wish to fraudulently send out email with a fake sender. There is really nothing special you need to do... nothing in the SMTP specification in any way enforces that you are who you say you are... so, go right ahead and spam the world. We will be looking forward to seeing your ip addresses show up in our reputation lists ;-)

If you do have a legitimate use, please expand your question with some more information about what you are actually trying to do.

kasperjj  2010-06-19 19:27:48
A: 

If you just want to make an email look like it's coming from someone else you can do it by setting the mail from of the email to whatever you want. Some SMTP servers might refuse to accept your email if that address isn't from a domain that they accept but some will accept anything. You do not need to do any programming to do this but it might be easier, you could do it by just telnetting into your SMTP server and sending the correct commands.
All you need to know is in the RFC 821 as described here. I'd suggest looking at your prefered programming language and see if it has any SMTP library/classes that could help you out if you want to do an application for doing it.

Be aware though, this would only make it look to come from that email address in a superficial manner, it's easy to spot that it's fake and it's quite possible that some spam filter would swallow it before it arrived, and it would also be quite likely that it would be easy to trace you down as the sender if you sent something malicious.

ho1  2010-06-19 19:27:57

related questions

I ALMOST understand how email works, but I'm missing something.
Sending Email in .NET Through Gmail
MS hotfix delayed delivery.
How to send email from a program _without_ using a preexisting account?
Email SMTP validator
Maximum length of a MIME Content-Type header field?
If email is not the answer then what is?
Accessing an Exchange Server without Outlook
Recommendations for a .NET component to access an email inbox
Email queueing in php
How do I open the default mail program with a Subject and Body in a cross-platform way?
How do I send a file as an email attachment using Linux command line?
Read from .msg files
What was your biggest mistake involving programmatically sending email?
Good email service for bulk emailing
parsing raw email in php
Is there any wiki engine that supports page creation by email?
Sending emails without looking like spam
What's in your .procmailrc
Why won't Entourage work with Exchange 2007?
Can I use JavaScript to create a client side email?
E-mail Notifications
Is a "Confirm Email" input good practice when user changes email address?
MAPI and managed code experiences?
How do you make sure email you send programmatically is not automatically marked as spam?