StarDestroyer.Net BBS

Is it possible to "fake" an email? I got a crazy email from an unlikely domain and I was wondering if my friend was just dicking me around. It uses a domain I'm pretty sure he couldn't have access to, but is it possible to create an email with a "return" email address that is not in fact your own? For example, if my address was "abc@mail.com" I could make the return address "xyz@aol.com."

It is possible. Spammers spoof emails all the time. If you want specifics on how you'll have to look elsewhere.

So that means that they could use the exact domain name and not one that's close to it? Because the domain name I see is exactly the same as the legitimate one.

Ok, I turned on the "show all headers" option (which I never knew existed until now) and found the X-Originating-IPs of my friend's IP and the IP in question and everything matched up except the last digit:

xxx.xxx.x.xx9
xxx.xxx.x.xx9

I'm pretty sure it was him just trying to dick me around.

That bastard.

What if I replied to the fake email address? Would it get rerouted back to my friend's email address? I want to lead him on and make him think I fell for it.

IRG CommandoJoe wrote:What if I replied to the fake email address? Would it get rerouted back to my friend's email address? I want to lead him on and make him think I fell for it.

No. If you replied to the fake e-mail address, your poor e-mail server will do its solemn best to get your mail to whatever address you specified (i.e. the fake address.) If there's someone who actually does have that address, they'll be wondering why you're spamming them.

Damn it! Too bad, I would have had fun with that.

Yeah, I've done it before when I was maybe 13 years old to try to prank my father. Didn't work, though I'm sure I could come up with something much better today if I was still immature enough to try those kinds of pranks.

You can change the email headers to appear to be coming from anyone you want, if you can find an email server that doesn't do the appropriate checks. IIRC Comcast's email servers used to work for that if your IP address originated from within their network.

However, they can't capture email coming back. So if you reply, the reply goes to the legit email address.

I've received e-mails supposedly from myself before that I know I didn't send. (Why would a spammer do that, by the way? I mean, I'm going to know if I e-mail myself an advertisement for Viagra. )

It's common for trojans and other such malware to swipe an Outlook Express address book and use it to send each name in the list email with the same name in the from field. Other variants would be using the first name or a random name from the list as sender to send to everyone on the list. So if one of your buddies fucks up, you start getting spam from "thm" and from "yourself".

I know a fair amount of spam gets sent out under my business website's name. It's mildly annoying since occasionally a spamblocker actually thinks it's from me.

I did have a bit of fun with a christian e-mailing him from god@heaven.org. Naturally he replied to me ("I don't know anyone else who could do this, so...").