hey guys this is what i want to do:-(consider me as newbie to entire spoofing / spamming game)

i'm not at user of site abc.com but what i plan to do is to use the admin mail of abc website (e.g admin@abc.com) and sent a spoof email to person zyz@abc of the same domain.

I want to do this with lowest level of detection possible. Do i have to do an open-relay thing? if yes would it not be detected by mail-server anti-spoofing / black-list filters. How could i avoid my mail ending up at the spam box of my victim machine? if it does well spams gets deleted and bad things happen to it

If there is an command line tool for crafting fake email how could these cli tools provision the user of formatting (e.g insert hyper-link behind text) inserting images/ header and footer. The reason im saying this is coz without such dynamic content it would be impossible in my case to lure the potential victim. I cannot add the url if it has xss signatures in command line it would be so easy to detect?right....

Thank you for reading my message.Please help me find the right path:)

appreciate...



Edited 1 time(s). Last edit at 01/20/2011 03:23PM by lazer.

I 'spoof' all my emails and they don't get marked as spam, so I doubt that will be an issue unless you are emailing from a known open relay. As for command line tools.. sendmail is alright. And as for hiding the XSS, just obfuscate it with encoding or link to a page with persistent XSS that redirects to the target. That said, the 'right path' is probably not to exploit it :P Especially if you aren't 100% sure what you're doing.

Thank you ....:D
is it possible to write hyperlink code in sendmail program
e.g


<a href="http://www.goldcoastwebdesigns.com/change-hyperlink-color.shtml">hyperlink color</a>

and secondly how could u find list of open-relay server/? DO U have to perform a manual scan or not...