Success with Sending email without a SMTP Server!!!!
soapdog at mac.com
Sun Jan 30 16:00:12 EST 2005
yes, you are right! theres no password! Thats the same technique SPAM
makers use, I checked how they did it so that I could send a email out
of nowhere. The trick is, instead of me (mail client) talking to my
SMTP server and then my SMTP server (authentication goes here) talking
to yours SMTP server (no auth needed) to store a mail for you. The
protocol is dumb easy... Let me glue a terminal window here for you to
[soapdog:~] andregar% telnet smtp-mx.mac.com smtp
Connected to smtp-mx.mac.com.
Escape character is '^]'.
220 smtp-mx.mac.com ESMTP Service
250 mac.com Hello [220.127.116.11], pleased to meet you
mail from: <me at myMailProvider.com>
250 2.1.0 <me at myMailProvider.com>... Sender ok
rcpt to: <soapdog at mac.com>
250 2.1.5 <soapdog at mac.com>... Recipient ok
354 Enter mail, end with "." on a line by itself
From: <me at WhateverEmailIWant.com>
Subject: My subject
The body of the email.
250 2.0.0 j0UKnhfH008111 Message accepted for delivery
221 2.0.0 mac.com closing connection
Connection closed by foreign host.
See that's all it takes to send an email! the lines starting with
numbers are the server answers, the others are my hand typed ones. What
the stack does is exactly that. It talks directly to the receivers SMTP
server, which is acquired by Shao Sean getMXRecords(). And yes, you can
use this for SPAM, but your soul will be damned to hell, like all tools
one can use this for good use or bad use, this would end the problem
Dan had for he would be able to send emails from his app without the
need of servers, settings, whatever...
and quoting you: "Surely no one in 2005 aids spammers by turning off
the default requirement for SMTP authentication (if they did they
should be fired and forced to wear T-shirt in public reading "I'm the
reason you get spam")." We can start making the T-shirts....
Of course theres a huge movement not to allow this thing to work, and
some SMTP Servers will not allow this, they will check to see who's
talking to them, but since theres a battle between Yahoo! and Microsoft
on how this spec will come out, no one is making progress. I think AOL
servers will not allow this thru... but since this was build to send
reports back home for feedback on our apps, we can try it with our
server, I checked with my mails from gMail, Apple .Mac and my own
WeCode.org domain and all those SMTP servers accepted the email without
I'll be putting the stack for download in revOnline in couple minutes.
On Jan 30, 2005, at 6:41 PM, Richard Gaskin wrote:
> I don't understand:
> If a conversation with an SMTP server doesn't include a password, what
> will be the outcome? Surely no one in 2005 aids spammers by turning
> off the default requirement for SMTP authentication (if they did they
> should be fired and forced to wear T-shirt in public reading "I'm the
> reason you get spam").
> So if I understand you correctly it still comes down to the question:
> Is Dan comfortable handing is SMTP password to anyone with a copy of
> Interarchy or other traffic monitoring tool?
> Did I miss something? Are you suggestion Dan build a mini-SMTP-server
> capability with into his software?
> He could always bypass email altogether and get a working system this
> afternoon with a CGI....
> Richard Gaskin
> Fourth World Media Corporation
> Ambassador at FourthWorld.com http://www.FourthWorld.com
> use-revolution mailing list
> use-revolution at lists.runrev.com
Andre Alves Garzia ð 2004 ð BRAZIL
More information about the Use-livecode