[PHP] MAIL FROM NO ONE
Hi... I've just checked out a script from hotscripts.com that send email from and smtp server... I've managed to say the email has come from a server that doesn't exist but the email can still be traced... is there know way to build a php smtp server ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MAIL FROM NO ONE
Vins, Yes, talk to port 25 of any smtp server using php. You would need to implement the full RFCs on smtp and its re-inventing the wheel. There are already classes to talk to whichever smtp server you want. Whichever smtp server you sent the mail to would log it, and the server it came from. Competent smtp servers will want to do both forward and reverse dns lookups on the computer connecting to it, and that is if it was an open relay (allowing anything to connect). So you would hide the originating computer in the chain in the email headers, but still leave a full audit trail in the next computer's logs. The only reason I can think of for wanting to do this is to send spam. Its the fastest way for your isp to kick you off that I know of (faster than not paying the bill). Its a Bad Idea (tm). Regards Chris vins wrote: Hi... I've just checked out a script from hotscripts.com that send email from and smtp server... I've managed to say the email has come from a server that doesn't exist but the email can still be traced... is there know way to build a php smtp server ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MAIL FROM NO ONE
On Thu, Jul 11, 2002 at 02:29:11PM +0200, vins wrote: Hi... I've just checked out a script from hotscripts.com that send email from and smtp server... The mail() does exactly the same Nothing fancy about it. I've managed to say the email has come from a server that doesn't exist but the email can still be traced... Care to show the headers? I'm just curious as to how the messages are actually produced. You have to keep in mind, that by doing something like this, the chances are really good that the majority of your email will NOT be delivered to its final destinations. Allot of SMTP servers does quite a bit of sanity checking on the headers received from an email message. They must, for example, include proper Received By (which is what is used for tracking the email), To:, From:, BCC:, etc headers. Without these, or with malformed headers, many SMTP servers will reject and bounce the email. You'll need to be *very* carefull in doing something like this. If you don't understand in very much details how SMTP works, and how SMTP servers delivers email, I'd suggest you do not attempt to tamper with it. is there know way to build a php smtp server ? PHP can't run a script in a daemon that I am aware of, so the short awnser is definately no. If you want a PHP script to simply send a message to a SMTP server, then sure, there is the mail() function, or you can open a socket to port 25 of the mail server. However, as I stated above, if you do not include proper headers (which identifies the email and make the email trackable), most SMTP servers will immediately reject the email. -- me -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MAIL FROM NO ONE
Chris Knipe wrote: On Thu, Jul 11, 2002 at 02:29:11PM +0200, vins wrote: Allot of SMTP servers does quite a bit of sanity checking on the headers received from an email message. Not in the west. They are too busy allowing in the commercial spam they are sending themselves. Otherwise you'd never be reading mail from a server called Lena.tut, as you are right now. And thank god they are not, since our ISP as a *lousy* SMTP service and I have to resort to this to make sure I can keep on working. What I do not understand is why you would need to build anything to bomb the guy. Just make sure you get an ISP that cannot track the phisical call (here many are still on protostoric pulse stations, you can find that somewhere at your place too, pretty sure). Then invent yourself a server name and run straight from sendmail, over. All you need is a temporary account from a dial-up. You are not robbing a bank, so nobody will look for you (your abuse.somewhere.co.za will say they never knew anybody, just like they said from norway and they will keep on drinking their beers). Personally I would not be cruel to anyone that has been already that mistreated by Mother Nature. Let him live with himself, it's the worst you can do to him. We got rid of Erik, but he never will :) *that* makes me happy. ðÏËÁ áÌØÂÅÒÔÏ ëÉÅ× -_=}{=_-@-_=}{=_--_=}{=_-@-_=}{=_--_=}{=_-@-_=}{=_--_=}{=_- LoRd, CaN yOu HeAr Me, LiKe I'm HeArInG yOu? lOrD i'M sHiNiNg... YoU kNoW I AlMoSt LoSt My MiNd, BuT nOw I'm HoMe AnD fReE tHe TeSt, YeS iT iS ThE tEsT, yEs It Is tHe TeSt, YeS iT iS ThE tEsT, yEs It Is... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php