All email communications on the internet are possible by two protocols:
1) Simple Mail Transfer Protocol (SMTP port-25)
2) Post Office Protocol (POP port-110)
E-Mail hacking consists of various techniques as discussed below.
1) EMail Tracing :- Generally, the path taken by an email while travelling from sender to receiver can be explained by following diagram.
The most effective and easiest way to trace an email is to analyze it's email headers. This can be done by just viewing the full header of received email. A typical email header looks something like this:
The above email header gives us the following information about it's origin and path:
a) Sender's email address :- atiles@destatis.de
b) Source IP address :- 141.203.33.92
c) Source mail server :- dsl-189-160-34-89.prod-infinitum.com.mx
d) Email client :- Thunderbird 2.0.0.6
| There are lots of ready-made tools available on the internet which performs email tracing very effectively and shows exact geographical location for email sender on the world map. |
Recommended Tools |
NeoTrace | http://www.neotrace.com |
VisualRoute | http://visualroute.visualware.com |
E-MailTracker | http://www.visualware.com |
2) EMail Forging :- Email forging allows an attacker to disguise the source of an email and send it to the victim. Most attackers use this technique to fool the victim into believing that somebody else has send the particular email.
The SMTP protocol makes it extremely easy for an attacker to send forged emails to a remote user.
Typically an attacker carries out email forging by following steps:
1) Start Command Prompt and type the following command-
c:/>telnet smtp.mailserver.com 25 or
c:/>telnet mail.domain.com 25
example:- c:/>telnet smtp.gmail.com 25
The above command opens a telnet connection to the specified remote mail server on port-25. Where port-25 is the default SMTP port on which outgoing mail daemon runs.
2) Once you are connected to the mail daemon of remote mail server, you would be greeted with a message similar to following:-
If you are not familiar with the smtp mail daemon commands then enter the keyword 'help' at daemon which may reveal all the supporting commands as shown below.
3) The correct sequence of commands to be executed is:-
a) helo mailserver1.com
b) mail from:abc@mailserver1.com
c) rcpt to:xyz@mailserver2.com
d) data
e) .(dot command represents end of mail body)
This all as shown in figure below:
| EMail forging by this technique does not possible, if mail relying is disabled by it's service provider.
3) Spam :- Every e-mail account and network on the internet has limited space and bandwidth. This means that if an attacker is able to clog up all the inbox space and bandwidth of the target computer, it could cause lot of inconvenience and unnecessary trouble. Spam e-mails have slowly but surely started clogging up the bandwidth on the internet and the memory space in our inboxes.
MailBombing:- Mailbombing is a technique wherein the attacker floods victim's e-mail account with an extremely large (sometimes infinite) number of unsolicited meaningless e-mails. Two different types of mailbombing are-
a) Mass Mailbombing
b) List Linking Mailbombing |