Any ideas about how these guys http://www.tutorialspoint.com/verify_email_address.htm do it, given that most mail servers on the planet do not reply on VRFY? Do check with a valid and invalid email address - it even knows google's "catch-all" addresses
Actually it was pretty simple. They simulate sending an email and most of the mail servers (including Google) disclose the validity of the email address after the RCPT
Related
Recently I found a web application that can send email to my kindle foo#kindle.com on my behalf myemail#gmail.com. I am curious that how they can spoof the email sender to my gmail address without any permission. It's Kindle policy that only email addresses from an allowed list can send email to my kindle.
Your help is really appreciated.
In an email, you can change the 'from:' field to whatever you want. They simply changed the text in that field to your email address. If you would like to read more, here's the technical document describing how email should work: RFC 2822 Internet Message Format
since a few days our internal email info#ourdomain.com seems to go bananas and sends out emails to all sort of email addresses. Some of those emails bounce and we receive Mail Delivery Failed emails every minute.
Here is our setup:
Domain hosted at Germany's 1und1 provider
Nameserver configured on Amazon Route 53
MX server mx01.kundenserver.de and mx00.kundenserver.de
Rails application hosted on heroku
I called the support at 1und1 and they told me to set a SPF record which I did:
"v=spf1 a mx ~all"
after researching the topic via http://www.spf-record.de/
Unfortunately this did not resolve the problem.
Honestly I am cluesless now what to do to prevent this random email sending.
Our account could have been hacked but the password was already changed.
Any of your email account or script/code compromise can cause outgoing spam emails. If outgoing emails are originating from particular email account and you find large outgoing email account from particular email account, you should consider to reset the password of that email account immediately. Also, compromised email sending script/code can can cause outgoing spam.
If "from" email address on spam email is none of your existing account then "From" email address is getting authenticated from any of your existing email account for which you should inspect SMTP logs of mail server(you should have administrative access of mail server)
Mail server IP address should not be blacklisted,please check IP here :- http://mxtoolbox.com/blacklists.aspx
If IP address is blacklisted, you can request IP whitelist after you identify and fix the outgoing spam source as RBL keeps IP address blacklisted until they find the spamming activity relaxed.
SPF and PTR record should be correct so that email recipient server can trust the sender mail server.
Bounce back email and spam email header can help to identify the issue more preciously.
This happened to me before, I had a "refer a friend" feature on my website and someone use an automated script to send emails to a ton of people. My server wasn't comprised, it was just bad coding in the feature that I installed that allowed my mail server to send mail to different people on my behalf.
Since the email is coming from you, your SPF/DKIM will check out just fine.
So thing about all the points on your website that can send email and see if any of them can be compromised.
Also you'll want to do a blacklist scan, I use this service it does more then 200+ blacklist: https://www.unlocktheinbox.com/blacklist/bl/
Make sure you scan both your domain name and IP address. But before you take any action to remove yourself, you should wait 24 hours until after you fix the exploit on your system. Requesting removal and popping up again can get you permanently listed.
Sometimes when people try to send me messages they misspell email address and I lose the message.
Example:
If my email is ivijan.stefan#something.com and my client misspell and write evan.steven#something.com or iivijan.stefan#something.com etc, I will lost my email.
Is there a way to use MX record or some DNS setup to server notify me and send message on one master email address where I can see that someone try to contact me and see message?
DNS servers do not understand what an email is. It may be possible to do this at your mail server end though. Look for documentation for catch-all email addresses to receive all email that would have been sent to non-existent email addresses. Note that this may expose you to huge amounts of spam from bots that target well known email addresses like admin#domain or postmaster#domain.
I'm implementing an application in ruby on rails (although this is a minor detail) that needs to send emails. Everything works fine, but I'm surprised cause when the app sends a mail, as long as it's authenticated against the smtp server, the sender it's going to be whatever it's specified in mail from. My point is, I can authenticate in a smtp server with "myuser#mydomain.com" and "mypassword" and be able to send a mail in which the recipient would see whichever address I want as sender.
This doesn't make any sense for me, and I'm sure it can't be so easy. I know it's surely a completely silly question for most of you, but would really appreciate anyone could make it clear for me.
Cheers!!
You authenticate as a generic user, it is only an accident that your login name is similar to a mail address. And yes, usually you can send mail with any reverse-path (reverse-path is the address in the MAIL FROM SMTP command). This may be necessary, for example a list manager uses VERP and sends mails with many unique reverse-paths.
However, some mail servers and mail administrators do place restrictions on the reverse path and the address in the From header. Especially, if the server signs the message.
Moreover, if the receiving server checks SPF records, it is useless to impersonate a remote domain, even if it is allowed, because the mail will be rejected anyway (if the domain publishes an SPF DNS record).
i want to check to see if a given email say for example (yourname#your_domain.com) most likely that exact email don't exist is there a way to ping the email address or anything along that along that idea?
You can't reliably verify email addresses without human intervention. That's why the most common method is to send the user a 'confirmation' email.
You can use my gem: "email_verifier" that you can find here: https://github.com/kamilc/email_verifier
It gives you validator which connects with given mail server "asking" smtp server if there is given email address.
You can check if the address format is valid, but there is no effective, email-specific "Ping" or lookup that you can do, other then sending a verification e-mail containing a code or link which the users clicks on or enters on your site to verify their address.