Email Spoofing Exposed

I was lucky enough to have recently learned how to do this myself, I emailed myself this little diddly to show you all how easily it can be done and how to do it. First of all, you need a telnet client – Putty works fine for me.

After that you should Telnet into an email server you know the username and password to on port 25 (this SMTP port). From there you should type ‘HELO [servername]‘ where the servername should be the server you are sending an email to. After that type SEND FROM: [whateveryouwant], and this is where scammers include the real email of some genuine entity they want you fool you into thinking they are. After this type RCPT TO: [destinationaddress], DATA, then whatever they want to say, after that they will type ‘.’ on a line by its own. Spammers will programmatically go through a list of addresses in efforts to hopefully trap on in a few thousand they send the mail to. I have tested this myself and below is a screenshot of what can be done using the discussed method:

How do you check and see if this is genuine? Click on the black down arrow and then ‘Show Original’ – See below:

In the screen that shows up look for the last ‘Received’ line, and find the IP address associated with it, a useful tool to use to trace back to the IP address is cqcounter.com’s Whois – IP Address tool , below is a sample result of looking up one of Google’s IP Addresses:

If the IP of the original sender of the email matches the company/entity this email purports to be, then you can probably trust the email. Otherwise delete the email, DO NOT REPLY to any spam emails you receive otherwise your email address will be marked as active and will be worth more on the email address list black market. Please comment if you have any questions about what I have written.