How to Forge Email

Have you ever wanted to trick your friends by sending them fake emails? You could

send email from 'georgebush@whitehouse.gov', Bill Gates, your boss or principal, or

anyone else. Imagine the possibilities! Here's how to do it.

[edit] Steps

1. Open a command prompt by clicking Start, Run, and type cmd in the box and

press OK. You should get a black "Command Prompt" screen.

* This can be done with the Terminal.app in Macintosh OS X and the

command line in most Unix and Linux based operating systems.

2. You will need an SMTP server address to proceed. Here is how to find one:

1. On the command-line type nslookup.

2. Then type set type=mx.

3. Finally, enter the name of any website, for instance,

hazemdesigns.srhost.info.

4. This will return the following: Non-authoritative

answer:hazemdesigns.srhost.info mail exchanger = 0 ASPMX.L.GOOGLE.COM..

5. The aspmx.l.google.com part is what you need. This is an SMTP server

address.

6. Type exit to exit out of nslookup.

3. Type telnet aspmx.l.google.com 25. 25 is the port number most SMTP servers

use. Learn more about telnet.

4. When the mail server responds, you can start typing SMTP commands.

5. Start with helo blahblah.google.com. You may have to use your ISP's domain

name for it to be accepted.

6. If it says 'at your service' or something like that, continue with the

address you want the mail to come FROM. So, to forge mail from Bill Gates, type

mail from: <billg@microsoft.com>.

7. If it says OK, type who you want the mail to go to, i.e. your friends

address. Type rcpt to: <yourfriend@isp.com>

8. If it says Recipient OK, then you can type your message:

1. Type data and press Enter.

 2. On the first line type Subject: yoursubject and press Enter twice.

3. Continue typing your message, such as 'I'm bill gates and want to send

you a billion dollars'.

4. Put a single period (.) on a line by itself and press Enter to send

your message. The server should say 'Message accepted for delivery'.

9. You are done. You have just forged an email, and the recipient should be

receiving it shortly.

10. You can test to see if a given SMTP server is configured for forwarding by

using online tools.

[edit] Tips

* ZMail, an open-source application for linux, windows, and mac, does all of

this for you. All you have to do is enter the from-address, the to-address, an smtp

server, and your message.

* This site provides a list of SMTP servers, provided by google, that work

perfectly for forging emails. No authentication is required.

* if you do not see the letters you type in your terminal application use the

echo command.

* Practice sending the message to yourself a few times until you get the hang

of it.

* Send it to yourself and view all the headers to make sure nothing that easily

identifies you as the sender (like your computer name) shows up.

* Servers which run enhanced SMTP will also accept 'ehlo blahblah.isp.com'. You

may still need to use your ISP's domain name for it to be accepted.

* It is normally easier just to find one of the many free websites that will

allow you to send emails to anyone from anyone.

* As mentioned in the warnings, most SMTP servers have relaying disabled. Many

times you can overcome this by connecting to the ISP of the target email, since the

server will accept it as a "local delivery" - i.e., if the target's address is

"joe@company.com" telnet to "company.com" and forge it from there. Most

"@company.com" mail servers are either "company.com", "mail.company.com" or

"smtp.company.com".

* If you use Windows telnet client and make a spelling mistake do not use the

backspace key, instead, press ^] (CTRL+RIGHT BRACKET) to terminate the connection

and try again. The backspace key is transmitted incorrectly and will result in odd

characters appearing in the final message.

* Some individuals believe running an open relay is a free speech issue,

including John Gilmore, a long time Internet "personality" and one of the founders

of the The Electronic Frontier Foundation. As a result most ISPs do not accept mail

from Gilmore's servers.

[edit] Warnings

* This method of forging email may not work at times. Almost all Internet

service providers' SMTP servers and some private SMTP servers require

authentication before permitting email to be sent. You can manually authenticate

with an SMTP server, but you'll need to read RFC 2554 to learn how. Also, an SMTP

server will generally only relay a message if it is either FROM or TO an address

with the same domain name as its own.

* This is not a foolproof method of sending anonymous email. Only a small

amount of effort is required for a diligent party to positively identify you as the

sender.

* All that your ISP and law enforcement needs to do is look at the email

headers and see the date/time and IP address the message came from. You can then be

held accountable for any harm you may have caused by your email.

* Some U.S. states now have laws against fraudulent email, especially when tied

to a commercial endeavor. Be aware of any