left_1 left_2 left_3 left_4 left_5 left_6 left_7
right_1 right_2 right_3 blank right_5 right_6 right_7
16 15 14 13 12 11 10 9 8 24
1 2 3 4 5 5 6
7
menu_1a Home Page menu_1b
menu_2a Old School menu_2b
menu_2a Tutorials menu_2b
menu_2a Internet Hacks menu_2b
menu_2a System Crackers menu_2b
menu_2a Downloads menu_2b
menu_2a Links menu_2b
menu_2a Manuals menu_2b
menu_3a About menu_3b
menu_3a Other menu_3b

Quick 'n' easy fake mail

Warning: I have not updated this page (apart from this paragraph) since 1999, so please do not complain if it is incomplete, inaccurate, immature, or insane.

------Read this!------

By sending fake email, you may be committing the offense of fraud, which as we all know (right?) is an imprisonable offense. If this is being done as a prank, I would recommend that you let the person you are emailing know what you are doing, either ahead of time or IMMEDIATELY after you do this. I'm going to ask you to behave responsibly with this information. Sure, have a quick joke, but using this in a malicious way will get you in trouble!

Furthermore! You can AND will be traced if you do anything illegal. This method IS traceable. Law enforcement officials can have your phonenumber before you've even disconnected from the internet (I'm not exaggerating). If you want to send something untraceably, there ARE other methods, which I will not detail here. Think long and hard, folks.

------Read this!------

Just to reiterate: Totally anonymous email is impossible - if it got from you to there, it could be traced back from there to you... There are further measures you can take to make your email effectively untraceable, (keyword: wingates) but as it involves breaking the law in at least 3 countries (no kidding) so I think it would be unwise to detail them. Oh, and I've never done it.

Please note...

  • In the following examples, bold indicates user input, any normal text is computer output.
  • When you are connected to a mail exchanger, you CANNOT USE the backspace (delete) key. So any mistakes you make mean you must reconnect or send it as it is. Once you know what's going on, it may be worth setting up a telnet macro to do the entire process for you. That's assuming you'll be doing this a lot.
  • For this example, I will be emailing poor_sod@gullible.com, and the email will appear to come from nastygeezer@brutal.com. You can in fact email anybody with this method - the way the internet works means that (almost) anyone with any email address can be fakemailed.
  • Every computer you connect to to use this method will look slightly different, but the commands are generic, and should work anywhere.
  • And finally - these instructions are written for a Unix user - the method is basically the same for a Windoze user - but if you can't figure out what to change, you probably shouldn't be doing this at all.

Step 1 - Getting mail exchanger data and connecting

You must use a program called "nslookup" to look up information about the computer where poor_sod has his email address. In this case, gullible.com. On a standard *nix system, this can be achieved like this: 

% /usr/sbin/nslookup -q=MX gullible.com
                
Resolved gullible.com to 206.123.6.111...
[snip]
mail exchanger: easy.gullible.com
[snip]
%
Fig 1. Looking up mail exchanger data

An nslookup will produce quite a lot of data, but the only thing you are looking for is a "mail exchanger" - there are often several, but any of them will do. At this point, we must connect to the mail exchanger using port 25 - this is achieved like this:

% telnet easy.gullible.com 25
Connecting to easy.gullible.com....
Escape character is `]
Gullible ESMTP version 6.6.6 This software copyright (C) 1666 Gullible systems.
Fig 2. Connecting to the mail exchange

You are now "in". That wasn't hard, was it?

Step 2 - Identifying

Now you must tell the computer where you're from, who you are, and who's getting the email... 

HELO brutal.com
250 OK

MAIL FROM: <nastygeezer@brutal.com>
250 nastygeezer@brutal.com is syntactically correct

RCPT TO: <poor_sod@gullible.com>
250 poor_sod@gullible.com is syntactically correct
Fig 3. Fake identification

And that's it! The computer has accepted our input just fine! All we need to do now is...

Step 3 - The email itself

What we must do now is make the email look as if it came from a proper email program, rather than us just handtyping it in - this is important. If we don't put in credible data, most email clients will reject it. What we must do is add the headers, and then the email. 

DATA
354 Ready for data - end input with a "." on a new line
 
From: Mr Fake Guy <nastygeezer@brutal.com>
To: Poor Sod <poor_sod@gullible.com>
Subject: I'm a nasty geezer.

The email goes here. We've typed the date and time (exactly! look!) 
and then the names and email addresses of the sender and the recipient,
and the subject. Then just leave a blank line, and type the email!
When we want to end, we just do the full stop (period) on a new line
as the message said...

.
220 OK (ESMTP id 20023/197A4BB)
QUIT
Connection closed by foreign host
%
Fig 4. Creating headers and message

Congratulations. You now know how to send fake email.