How to Forge Email

First, make sure you've read the GTMHH on how to forge email. Then, the only problem remaining will be to find a vulnerable server. Here's how to find computers that will let you forge email:

It turns out this is still ridiculously easy, even if you use Windows 98. Just follow these steps for Windows computers:

1) Get online with an Internet Service Provider. Some online services do not give you true Internet connections. If these instructions don't work, you probably need to get a true Internet Service Provider.

2) Click start --> Programs --> MSDOS

3) In the MSDOS window, give the command "netstat -n". This will give you something like:

Active Connections

Proto Local Address Foreign Address State
TCP 38.29.999.187:1377 206.999.52.999:1088 ESTABLISHED

Save that first number.

4) Point your web browser at http://www.ipswitch.com and download "What's Up Gold."

5) Use it to scan all Internet addresses for port 25 open on other people using the same Internet Service Provider for dialup access. For example, I would scan all numbers beginning with 38.29.999. Note that this number has been fubarred (messed up beyond recognition) so use your own IP numbers you discover with "netstat -n". Warning -- be prepared to get kicked off your ISP for port scanning. While it is legal in most places, it is rude and people will suspect you of planing major computer crime.

5) The IP addresses with port 25 running are often people using outdated Linux systems and who don't know any better than to disable "relaying" on their mail servers. While those people are online, you can use their computers to forge email.

6) If you use Linux, and you have sendmail installed, check to see if it's version 8.9 or above. If so, you're OK. If not, either upgrade or see http://www.sendmail.org/~ca/email for instructions on how to prevent relaying.

---