Jump to content


Photo
- - - - -

Sender of email gets fake postmaster reply


  • Please log in to reply
4 replies to this topic

#1 totallyAunti

totallyAunti

    Mack Daddy 31337

  • Members
  • 209 posts
  • Country:
  • Gender:Male
  • Location:nubie-ville (somewhat new to internet, watch out)

Posted 13 August 2009 - 08:43 PM

I recently came upwith an idea to make someone who emails me think my email address is dead(though it's not really dead). And they'll read this is true fromtheir own postmaster..haha.

I'm still workingout a little bug in my idea, but that's because I'm using Thunderbird and haveto get used to how its setup.

Anyway, a person hasto begin with the postmaster addresses off every known email program. Oneis Google whose postmaster addy is :
mailer-daemon@googlemail.com


Steps are these :

1-send an email butbe sure it has a fake username, one that'll ensure the postmaster will send itback to you saying "no such account" or whatever. Do this fromevery email domain account you have (point is here to get a list of all of them,the major ones anyway).


2-notice the text ofan undeliverable email sent back to you? Well just delete off things likeany header info and the line where it has listed the email address you justtried to email. But save the rest of it - the general text is what you wantsaved for future use (see below).

3-now you have thispostmaster email address list, save it aisde for later.

4-using Thunderbirdor similar program (the email program has to allow you to put in a fake"from" address for sending emails out), set up a filer in Thunderbird(or whatever you're using). This filter will serve the followingpurpose :

When an email is forwarded to the email program and account you've setup withsay, the "mailer-daemon@googlemail.com" account in Thunderbird, thefilter has been instructed to "reply with template" to all emailreceived at this account. When anyone sends you an email, it'll forwardto Thunderbirds filter which will then spit out the autoreply (a "replywith template") which will be addressed "from : mailer-daemon@googlemail.com". So the sender gets this email from "the google postmasters address"and will get fooled by it into thinking the email address he just sent an emailto is DEAD. And btw, when the sender of the email gets it back (orso he thinks it came back to him undeliverable ;) ), it'll inlcudethe text you saved from an actual postmaster email you got (this is for authenticity) saying "email to the receipient has permanently failed"or whatever (this text would've been pasted in for the "reply with template", which will get emailed everytime someone send you an email andyou do this part while setting this up).


Unless someone issmart enough to check the header of the emailed reply they just got from thepostmaster, they'll just think the email address they just tried to send to isDEAD. And for those who wouldthink and check the header, they'll still not be able to send an email throughsuccessfully since they'll keep getting the "postmaster" oneinstead... very annoying and good to use to annoy someone.

Of course, to dothis you must make a filter in your email program (not Thunderbirds) telling itthat email from this person or on this subject is to get "forwarded"to another account you have setup in Thunderbird - reason is you'll need to doit this way unless you dont mind all email send to your addy get a postmasterreply. This way, only select emails sent to you are filtered andsent to the Thunderbird program email account you have waiting.


The reply text theyget will look pretty authentic, like this :

-------------------------------

This is anautomatically generated Delivery Status Notification

Delivery to therecipient failed permanently.

Technical details ofpermanent failure:

Google tried todeliver your message, but it was rejected by the recipient domain. We recommendcontacting the other email provider for further information about the cause ofthis error. The error that the other server returned was: 550 550 5.1.1 Not ourCustomer (state 14).
----------------------------

Hopefully Iexplained what I was thinking.. :?

Edited by totallyAunti, 13 August 2009 - 08:46 PM.

  • chaostic likes this

#2 chown

chown

    SUPR3M3 31337 Mack Daddy P1MP

  • Moderating Team
  • 493 posts
  • Country:
  • Gender:Male
  • Location:Floating on a sea of hydrogen

Posted 13 August 2009 - 09:42 PM

That would be a pretty clever way to get spammers to think your address is defunct.

#3 chaostic

chaostic

    rekcah-rebÜ

  • Members
  • 724 posts

Posted 13 August 2009 - 11:16 PM

Apple's Mail.app has a "Bounce" option, that would tell the sending server that the mail actually bounced instead. It can also redirect a message to another address but still have the original sender as the from address, instead of a regular forward.

#4 lattera

lattera

    Underground Shizzleness

  • Members
  • 511 posts
  • Gender:Male

Posted 14 August 2009 - 12:23 AM

The problem is that 100% of spam these days is sent in an automated fashion, generally from botnets. They don't care whether the email they sent was successful or not. In fact, the from and reply-to addresses from spambots don't actually exist. Instead of instructing the user to reply to the email, the piece of spam instructs the user to click a link.

Your idea might work against other people sending you unwanted email. However, who gives their email out to people they don't want to receive email from? (Wow, weirdly-worded sentence). You might run into legal issues copying and pasting copyrighted work, though.

#5 chown

chown

    SUPR3M3 31337 Mack Daddy P1MP

  • Moderating Team
  • 493 posts
  • Country:
  • Gender:Male
  • Location:Floating on a sea of hydrogen

Posted 14 August 2009 - 12:38 AM

The problem is that 100% of spam these days is sent in an automated fashion, generally from botnets. They don't care whether the email they sent was successful or not. In fact, the from and reply-to addresses from spambots don't actually exist. Instead of instructing the user to reply to the email, the piece of spam instructs the user to click a link.

Your idea might work against other people sending you unwanted email. However, who gives their email out to people they don't want to receive email from? (Wow, weirdly-worded sentence). You might run into legal issues copying and pasting copyrighted work, though.

Yeah, I suppose you're right. Though if I were a spammer I would want to collect statistics about click thrughs, market reach, spam-filter success and things like that. So I would probably run small trials using random samples of addresses from my database and a valid throw-away email account to collect replies from mailer dæmons (or pissed off users), and use that to perform a statistical analysis.




BinRev is hosted by the great people at Lunarpages!