Faking an email

IRG CommandoJoe · Post by **IRG CommandoJoe** » 2008-03-19 10:18pm

Is it possible to "fake" an email? I got a crazy email from an unlikely domain and I was wondering if my friend was just dicking me around. It uses a domain I'm pretty sure he couldn't have access to, but is it possible to create an email with a "return" email address that is not in fact your own? For example, if my address was "abc@mail.com" I could make the return address "xyz@aol.com."

General Zod · Post by **General Zod** » 2008-03-19 10:22pm

It is possible. Spammers spoof emails all the time. If you want specifics on how you'll have to look elsewhere.

IRG CommandoJoe · Post by **IRG CommandoJoe** » 2008-03-19 10:29pm

So that means that they could use the exact domain name and not one that's close to it? Because the domain name I see is exactly the same as the legitimate one.

IRG CommandoJoe · Post by **IRG CommandoJoe** » 2008-03-19 11:07pm

Ok, I turned on the "show all headers" option (which I never knew existed until now) and found the X-Originating-IPs of my friend's IP and the IP in question and everything matched up except the last digit:

xxx.xxx.x.xx9
xxx.xxx.x.xx9

I'm pretty sure it was him just trying to dick me around.

That bastard.

IRG CommandoJoe · Post by **IRG CommandoJoe** » 2008-03-19 11:14pm

What if I replied to the fake email address? Would it get rerouted back to my friend's email address? I want to lead him on and make him think I fell for it.

GrandMasterTerwynn · Post by **GrandMasterTerwynn** » 2008-03-19 11:29pm

IRG CommandoJoe wrote:What if I replied to the fake email address? Would it get rerouted back to my friend's email address? I want to lead him on and make him think I fell for it.

No. If you replied to the fake e-mail address, your poor e-mail server will do its solemn best to get your mail to whatever address you specified (i.e. the fake address.) If there's someone who actually does have that address, they'll be wondering why you're spamming them.

IRG CommandoJoe · Post by **IRG CommandoJoe** » 2008-03-19 11:36pm

Damn it! Too bad, I would have had fun with that.

Praxis · Post by **Praxis** » 2008-03-20 12:46am

Yeah, I've done it before when I was maybe 13 years old to try to prank my father. Didn't work, though I'm sure I could come up with something much better today if I was still immature enough to try those kinds of pranks.

You can change the email headers to appear to be coming from anyone you want, if you can find an email server that doesn't do the appropriate checks. IIRC Comcast's email servers used to work for that if your IP address originated from within their network.

However, they can't capture email coming back. So if you reply, the reply goes to the legit email address.

Rogue 9 · Post by **Rogue 9** » 2008-03-20 02:36pm

I've received e-mails supposedly from myself before that I know I didn't send. (Why would a spammer do that, by the way? I mean, I'm going to know if I e-mail myself an advertisement for Viagra.

)

Post by **Edi** » 2008-03-20 03:32pm

It's common for trojans and other such malware to swipe an Outlook Express address book and use it to send each name in the list email with the same name in the from field. Other variants would be using the first name or a random name from the list as sender to send to everyone on the list. So if one of your buddies fucks up, you start getting spam from "thm" and from "yourself".

Ariphaos · Post by **Ariphaos** » 2008-03-20 07:02pm

I know a fair amount of spam gets sent out under my business website's name. It's mildly annoying since occasionally a spamblocker actually thinks it's from me.

I did have a bit of fun with a christian e-mailing him from god@heaven.org. Naturally he replied to me ("I don't know anyone else who could do this, so...").