I tripped over this little gem .. check it out!
address:
http://www.netcreations.com/fakemail/
Explaining Fakemail
It's really quite simple. You can send mail to anyone on the net, even
on the really lame online services like AOL. But what if you could
send mail from anyone on the net?
Date: Tue, 2 May 1995 21:53:25 -0400
From: Bill Clinton <president@whitehouse.com>
To: Ryan Scott <rscott@netcreations.com>
Subject: Misuse of public funds.
Ryan-
This is to let you know that although *I* find
the Fake Mail concept intriguing, the Feds hate it.
We intend to do everything in our power to put a
stop to this afront to the American People, and to
get our grant money back!
President Bill Clinton
With Fakemail, you can send faked mail to anyone on the net, from
anyone on the net, or even a completely made up address. To the
untrained eye, it looks pretty damn authentic. In the interest of full
disclosure, and so that we can say we warned you, here's a similar
Fakemail with "full headers" visible:
Received: from prod1.satelnet.org (prod1.satelnet.org
[204.157.227.1]) by netcreations.com (8.6.9/8.6.9)
with SMTP id VAA120458 for <rscott@netcreations.com>
Tue, 2 May 1995 21:57:31 -0400
Received: by prod1.satelnet.org; (5.65/1.1.8.2/04Mar95-0901AM)
id AA25592; Tue, 2 May 1995 21:57:34 -0400
Date: Tue, 2 May 1995 21:57:34 -0400
Message-Id: <9505030157.AA25592@prod1.satelnet.org>
To: Ryan Scott <rscott@netcreations.com>
From: "Albert Gore Jr." <vicepresident@whitehouse.mil>
X-Http: //www.netcreations.com/fakemail/
Subject: Misuse of public funds.
Mr. Scott,
We are shocked and horrified at your blatant attempt
to create a traffic jam on my Information Superhighway
and the President and I intend to crack down on your
little scheme as viciously as we did on the Branch
Davidians in Waco!
Sincerely,
Al.
All Fakemail from this server will look similar in that the mail has
X-from Http://www.netcreations.com/fakemail/
I added that data because I don't want you doing anything really
stupid. If you want to threaten the president, write your own Fakemail
program.
Many people do not know how to turn 'full headers' on, and if your
mail is realistic enough, you could fool most anyone!
If you have any great mail to share, please send it to us at
rscott@netcreations.com.
Above all HAVE FUN!
Fakemail Home
========================================================================
SPAT upon the WIRES by:The Right Reverend Ed <R.REVV.ED>
Elder Elder of the Pegram,Tennessee SOLO CLENCH "Bob" IS Dobbs!
YETI.GENED * REBEL.RAISED * BLESSED.IN.SLACK * ELECTRO.EVANGELISM
flashboy@cris.com*NOTHING on REQUEST*p.n.n.a.* f.e.i.t.c.t.a.j.
========================================================================
---------------------------------------------
From: modemac@netcom.com (Modemac)
Sender: pkitty@netcom8.netcom.com
Modemac (modemac@netcom.net) wrote:
: modemac@netcom.com (Modemac) wrote:
: >(This trick of adding a fake name can also be done with the Free Agent
: >newsreader; it's possible to set your return email addess to a fake one.)
: Possible, hell, it's the bloodiest easiest thing to do ....
: Cuthulu
I wonder how easy it is with tin...at least the NNTP address should be
the same.
Reverend Pee Kitty
--
Meow!
---------------------------------------------
From: dobbs@dobbstown.com (J.R. "Bob" Dobbs)
Subject: Re: Send FAKE E-MAIL - Check it!
Message-ID: <dobbsV8SexC.5s8@dobbstown.com>
Sender: modemac@netcom21.netcom.com
Modemac (modemac@netcom.com) wrote:
: Modemac (modemac@netcom.net) wrote:
: I wonder how easy it is with tin...at least the NNTP address should be
: the same.
Note the headers here:
>From netcom.com!pkitty Sat May 13 05:52:52 1995 <-------------------------
Xref: netcom.com alt.slack:37097
Newsgroups: alt.slack
Path: netcom.com!pkitty <------------------------------------------------
From: modemac@netcom.com (Modemac)
Subject: Re: Send FAKE E-MAIL - Check it!
Message-ID: <pkittyD8InyC.5s8@netcom.com> <-----------------------------
Sender: pkitty@netcom8.netcom.com <--------------------------------------
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
X-Newsreader: TIN [version 1.2 PL1]
References: <3ov6gr$ees_001@news.cris.com> <modemacD8GM73.22I@netcom.com>
<3p1cfq$oeu@ns1.unicomp.net>
Date: Sat, 13 May 1995 12:27:48 GMT
Lines: 18
You can alter the Path: line and the Message-ID: line in the same way you
alter the From: line. But because of the new security measures, you
can't change the Sender: line.
This also works with email replies, so that you can forge email from a
fake address.
---------------------------------------------
From: modemac@netcom.com (Modemac)
Sender: modemac@netcom15.netcom.com
R.REVV.ED (flashboy@cris.com) wrote:
: address:
: http://www.netcreations.com/fakemail/
Anyone can send fake email if they know the tricks. Here are two ways
for you to forge email. I do not encouraging troublemaking with these
tricks, because the more clever hackers (and sysadmins) can still track
you down if need be.
1) One of the many great things about UNIX shell accounts (and the TIN
newsreader) is the way you can insert your own headers into a message.
For instance, as I type this message, the header here says:
Subject: Re: Send FAKE E-MAIL - Check it!
Newsgroups: alt.slack
References: <3ov6gr$ees_001@news.cris.com>
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
These headers can be edited, just like the rest of the text of this
message. All I have to do to add a fake name to this account is to go to
the top of this message and insert a line that says:
From: i.stang@metronet.com (Rev. Ivan Stang)
And the message will say that it's from Ivan Stang. HOWEVER, there is a
catch to this - and you can thank the Scientologists for this. Since
January, Scientologist has been using this method to forge cancel messages
so that Scientology can censor stuff they don't like on
alt.religion.scientology. For a couple of months the cancels came from
Netcom. After many people complained to Netcom about this, Netcom added
an unalterable Sender: line to message headers. So this means that even if
I put a header that says this message is from Ivan Stang, there will
still be a line in the header that says:
Sender: modemac@netcom.com
Many systems have added this little bit of security to their messages,
especially after the first Cancelpoodle was caught and kicked off of
Netcom; he moved around. At the moment, Scientology cancel messages are
coming from a system somewhere in the British Isles; we're trying to get
more info.
(This trick of adding a fake name can also be done with the Free Agent
newsreader; it's possible to set your return email addess to a fake one.)
2) Another way to forge email is to telnet to port 25 of just about any
system with Unix and forge your email from there. Here's how this
works. You type the lines in caps:
telnet netcom.com 25
5.57a/IDA-1.5 Sendmail is ready at Fri, 7 Apr 1995 23:50:57 +0500
HELO netcom.com
250 Hello mysystem.com, why do you call yourselfe netcom.com ?
MAIL From:<hkk@netcom.com>
<hkk@netcom.com>... Sender ok
RCPT To:<president@whitehouse.gov>
250 <president@whitehouse.gov>... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
Bill, Scientology is going to kill you soon !
.
250 Ok
QUIT
221 netcom.com closing connection
president@whitehouse.gov... Sent
[Again, I do not reccomend sending death threats. This is just an example.]
--
+---------------------------------------+
| Reverend Modemac (modemac@netcom.com) |
+-------------+ "There is no black and white." +------------+
| First Online Church of "Bob," A Subfaction of the Excremeditated |
| Congregation of the Overinflated Head of L. Ron Hubbard |
+------------------------------------------------------------------+
FINGER modemac@netcom.com for a FREE SubGenius Pamphlet!
Original file name: Send_FAKE_E-MAIL_-_Check
This file was converted with TextToHTML - (c) Logic n.v.