How to Forge email

本文介绍如何利用开放中继的SMTP服务器伪造发件人的电子邮件地址。通过使用telnet命令连接到允许转发邮件的服务器,并输入特定的SMTP命令,可以发送看似来自任意第三方地址的邮件。

How to Forge Email

SMTP, or Simple Mail Transport Protocol, is the name of the method computers use to send mail to each other, in other words SMTP is the language mail servers on the Internet use to speak to each other. Until the mid-1990's the default configuration for SMTP servers was to allow email forwarding, to act as a relay, which allowed people to use their own email address from almost any network location. Spammers soon caught on as this allowed them to send masses of commercial emails that did not appear to originate from their severs, and as a result the forwarding ability to most SMTP servers was turned off. Today fewer than 1% of SMTP servers allow mail forwarding, and many ISPs and email providers will not accept mail from these machines. Today you can still use SMTP forwarding if you can find a SMTP server that allows it. In this wikiHow we'll look at how you can use an open relay to send email that appears to originate form any third party address you choose.

[Steps]

  1. Open a command prompt by clicking Start, Run, and type cmd in the box and press OK. You should get a black "Command Prompt" screen.
    • This can be done with the Terminal.app in Macintosh OS X and the command line in most Unix and Linux based operating systems.
  2. Find out the name of your ISP's mail server, normally mail.isp.com or smtp.isp.com. This should be in your email client settings.
  3. Type telnet mail.isp.com 25. 25 is the port number most SMTP servers use. Learn more about telnet.
  4. When the mail server responds, you can start typing SMTP commands.
  5. Start with HELO blahblah.isp.com. You may have to use your ISP's domain name for it to be accepted.
  6. If it says 'pleased to meet you' or something like that, continue with the address you want the mail to come FROM. So, to forge mail from Bill Gates, type MAIL FROM: billg@microsoft.com.
  7. If it says Sender OK, type who you want the mail to go to, i.e. your friends address. Type RCPT TO: yourfriend@isp.com
  8. If it says Recipient OK, then you can type your message:
    1. Type DATA and press Enter.
    2. On the first line type Subject: yoursubject and press Enter twice.
    3. Continue typing your message, such as 'I'm bill gates and want to send you a billion dollars'.
    4. Put a single period (.) on a line by itself and press Enter to send your message. The server should say 'Message accepted for delivery'.
  9. You are done. You have just forged an email, and the recipient should be receiving it shortly.
  10. You can test to see if a given SMTP server is configured for forwarding by using online tools.


[Tips]

  • if you do not see the letters you type in your terminal application use the echo command.
  • Practice sending the message to yourself a few times until you get the hang of it.
  • Send it to yourself and view all the headers to make sure nothing that easily identifies you as the sender (like your computer name) shows up.
  • Servers which run enhanced SMTP will also accept 'ehlo blahblah.isp.com'. You may still need to use your ISP's domain name for it to be accepted.
  • It is normally easier just to find one of the many free websites that will allow you to send emails to anyone from anyone.
  • As mentioned in the warnings, most SMTP servers have relaying disabled. Many times you can overcome this by connecting to the ISP of the target email, since the server will accept it as a "local delivery" - i.e., if the target's address is "joe@company.com" telnet to "company.com" and forge it from there. Most "@company.com" mail servers are either "company.com", "mail.company.com" or "smtp.company.com".
  • If you use Windows telnet client and make a spelling mistake do not use the backspace key, instead, press ^] (CTRL+RIGHT BRACKET) to terminate the connection and try again. The backspace key is transmitted incorrectly and will result in odd characters appearing in the final message.
  • Some individuals believe running an open relay is a free speech issue, including John Gilmore, a long time Internet "personality" and one of the founders of the The Electronic Frontier Foundation. As a result most ISPs do not accept mail from Gilmore's servers.


[Warnings]

  • This method of forging email may not work at times. Almost all Internet service providers' SMTP servers and some private SMTP servers require authentication before permitting email to be sent. You can manually authenticate with an SMTP server, but you'll need to read RFC 2554 to learn how. Also, an SMTP server will generally only relay a message if it is either FROM or TO an address with the same domain name as its own.
  • This is not a foolproof method of sending anonymous email. Only a small amount of effort is required for a diligent party to positively identify you as the sender.
  • All that your ISP and law enforcement needs to do is look at the email headers and see the date/time and IP address the message came from. You can then be held accountable for any harm you may have caused by your email.
  • Some U.S. states now have laws against fraudulent email, especially when tied to a commercial endeavor. Be aware of any legal ramifications of your actions.


[Sources and Citations]

From http://www.wikihow.com/Forge-Email

代码下载地址: https://pan.quark.cn/s/a4b39357ea24 在当代Web开发领域中,前后端分离的架构模式已广泛普及,这种模式有助于提升开发效能,清晰界定工作职责,并支持前后端独立地进行开发与部署工作。当前项目借助Spring Boot框架构建了后端服务接口,并搭配Vue.js技术完成前端界面呈现,同时运用axios工具应对跨域通信挑战,从而形成一个完整的前后端分离实践范例。 1. **Spring Boot**: Spring Boot可视为Spring框架的一个精简版本,其旨在简化Spring应用的初始构建及开发流程。在Spring Boot环境下,开发者能够迅速构建出具备生产环境要求水准的Spring应用程序。该框架整合了众多常用第三方库的配置选项,例如数据库连接管理、模板引擎应用、安全机制设定等,显著降低了标准配置的复杂程度。 2. **后端接口开发**: 在`springBoot实现后端接口.zip`文件中,主要包含了基于Spring Boot的后端服务功能实现。通常情况下,我们会设计RESTful风格的API,通过HTTP协议的CRUD操作(即创建、读取、更新、删除)来响应前端发起的请求。这些接口多采用Spring MVC的注解方式,如`@GetMapping`, `@PostMapping`, `@PutMapping`, `@DeleteMapping`等来定义,并借助Spring Data JPA或MyBatis等数据持久化框架与数据库进行数据交互。 3. **Vue.js**: Vue.js是一款轻量级的前端JavaScript框架,专注于用户界面的开发。它具备响应式的数据绑定机制和组件化的架构设计,使得开发者能够高...
打开链接下载源码: https://pan.quark.cn/s/a4b39357ea24 直方图双峰法是一种以图像直方图为基础的阈值分割技术,其核心原理在于借助图像直方图中存在的两个显著峰值(双峰)来确定分割阈值,进而将图像有效地区分为前景与背景两个区域。该方法在处理二值化图像时展现出卓越的性能,特别是在图像的亮度分布呈现明显分离特征的场景下。为了深入掌握该方法,首先需要明确图像直方图的概念。图像直方图是一种用于表征图像像素强度分布特性的统计图表,它通过将图像中所有像素的灰度值按照其出现频率进行绘制,其中横轴表示灰度级别,纵轴则代表像素数量或频率。当图像的背景与前景具有显著的亮度对比时,直方图上通常能够观察到两个清晰的峰值,这两个峰值分别对应着背景和前景像素的集中区域。 在直方图双峰法的实践过程中,关键环节在于如何准确识别并选取这两个峰值作为阈值。通常情况下,我们会倾向于选择距离较远且峰值较高的两个峰,因为这样的配置往往意味着它们分别代表了图像中的两种主要类别。一种普遍采用的技术是通过计算相邻灰度级之间的梯度,从而定位梯度最大值的位置,该位置可以被视作两个峰值之间的谷底,随后取这两个峰值的平均值或中点作为最终的阈值。 在提供的代码实例中,首先加载了一个名为coins.png的图像,并利用`imshow`函数展示了原始图像。紧接着,绘制了该图像的直方图,参数`axis([0 255 0 4000])`用于设定直方图的显示范围,确保能够清晰地观察到图像的亮度分布情况。随后,选择了一个具体的阈值`th=97`,并通过`im2bw`函数将图像转换为二值图像,同时展示了分割后的结果。 阈值`th`的选取具有决定性作用,因为它直接关联到分割的最终效果。若阈值选取不当,可能会导...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值