I recently came across SharpMail, a UK based company that offers a fake email service similar to the service I host here. They offer a lot of cool features like reply back, file attachments, SMS for text messages (doesn’t work in US), rich text messages, and premade prank emails. However they have several features that I don’t like and that make my service better. First you have to register an account with them to do anything. Second they put a very noticeable link in the email. So the recipient knows very quickly that the email is fake. They also have a huge x-header that alerts to the fact that it is a prank. For $35 a year, you can remove these. So if you want to send a more truely anonymous (and free) email try out this. It is my goal to add a few more features to the script, like an optional reply feature, and maybe a new form with a rich text editor. I am also working on a C# program that will do the same stuff.
Archive for the 'Email' Category
Some time ago I wrote an article explaining how email spoofing worked. See here. I concluded that there was no good way to prevent your email address from being spoofed. Several people commented on that article and told me to look into Sender Policy Framework (SPF). I have done some research on SPF, and decided to write an article describing how to use SPF and some of the related issues.
Sender Policy Framework is a concept that validates that the IP address that an email is coming from is permitted to send mail for the domain found in the Return-Path. The concept was first introduced in 2003. It is not yet an RFC, but the IETF has accepted it as an experimental protocol. Microsoft is also involved in developing this concept, and they are calling it SenderID.
The concept of SPF is very simple. It is nothing more than a DNS entry that specifies which IP addresses are allowed to send mail from a domain.
Continue reading ‘Using Sender Policy Framework to stop email spoofing’
Part of my job at work is to monitor our email system. I receive all emails sent to postmaster and webmaster through our system. In the past few weeks, I have received dozens of undeliverable emails returned from other domains to these addresses. Most of these have dozens of email addresses listed that were undeliverable. Some are email rejected for viruses or suspected spam. Since our email system delivers thousands of emails to our clients daily, I was concerned that we were configured as an open-relay and would be blacklisted. After verifying that our server was not configured as an open relay I looked through the email logs looking for the undeliverable emails. I was unable to find the spam email anywhere in our logs, so I came to the conclusion that someone was spoofing our email addresses to send spam. Digging further in our email logs, I found other undeliverable emails sent to nonexistent email addresses. So I realized that they were spoofing other email addresses then just the postmaster. Some of the addresses were random strings of letters, but most looked like fake usernames. Because of this, I have done quite a bit of research on email and email address spoofing, and I thought that I would write up some of what I have learned. I have also provided a script that will allow you to send spoofed emails to your friends.