EMail Forging

2) EMail Forging :- Email forging allows an attacker to disguise the source of an email and send it to the victim. Most attackers use this technique to fool the victim into believing that somebody else has send the particular email.
The SMTP protocol makes it extremely easy for an attacker to send forged emails to a remote user.
Typically an attacker carries out email forging by following steps:

1) Start Command Prompt and type the following command-
c:/>telnet 25 or c:/>telnet 25
example:- c:/>telnet 25
The above command opens a telnet connection to the specified remote mail server on port-25. Where port-25 is the default SMTP port on which outgoing mail daemon runs.

2) Once you are connected to the mail daemon of remote mail server, you would be greeted with a message similar to following:-

If you are not familiar with the smtp mail daemon commands then enter the keyword 'help' at daemon which may reveal all the supporting commands as shown below.

3) The correct sequence of commands to be executed is:-
a) helo
b) mail
c) rcpt
d) data
e) .(dot command represents end of mail body)
This all as shown in figure below:

EMail forging by this technique does not possible, if mail relying is disabled by it's service provider.