This instructable is about hacking and just messing around with the SMTP servers in general. I will show you how to use nslookup to find out what your email's SMTP server is, how to telnet into it, and how to send mail from the server to yourself or other people.

note: FUBAR stands for something along the lines of "F***** Up Beyond All Recognition

Step 1: Getting the Names & Numbers

Ok, time for nslookup! Go to Start-->Run and type in: "cmd" and press enter. When the command prompt comes up, type in "nslookup", and then press enter. The command prompt should now have stuff written on the screen about your IP address, and about your ISP (Internet Service Provider). Now, type in:

set type=mx
(your email server here)

This should display your email provider's email servers.

Step 2: Finding the Right Address and Telneting In

From the last step, you can see a lot of different stuff that looks like gibberish to the untrained eye. But fear not, for I shall help you in this time of need! First, you only want to pay attention to the block of addresses at the top that are formated in a table. Bring up the command prompt, and type in:

telnet (first address here) 25

If you get a response from the server saying something like:

220 mx.google.com ESMTP 31si4851324nfu

Then you are all set up to go to Step 3: Mail Time! If not, and you get something like this instead:

Connecting to google.com.....Could not open connection to the host, on port 25: Connect failed

Then you need to repeat this step with the next server down the list. If you have exhausted your list from nslookup, and still had no luck, then there is probably a problem with your ISP or the people on that email service don't allow inbound telntet connections. For example, I have been told that AOL users can't telnet, but I can not test it because I don't have AOL.

Step 3: Mail Time!

As you can see in the pictures, I used these commands, in this order:
helo -- this preps the server for the mail address

mail from: -- This is who it sends from.

rcpt to: -- This is who it sends to.

data -- This tells it the following is the message

From:something here }
To:something here } These are some headers.
Subject:something else here }

(message here) -- this is the message

. -- this tells the server end of data, send it now.

exit -- exit the connection

As you can see in the pictures, pressing backspace does not work very well. :(
421 Cannot connect to SMTP server (, connect timeout <br> <br>Connection to host lost. <br> <br> <br>/\ That's what keeps happening on lots of servers I try...
this is spoofing mail...technically not the most legal thing...but if the server doesn't have it's relays turned off...then well...it's they're fault MOST public mail servers (gmail included) won't actually let you send mail from them via telnet....most of them have their relay permissions set correctly to only allow mail to be sent from specified locations (such as the server you connect to at gmail.com)....if the server doesn't recognize your IP address...it will reject the mail with "unable to forward for" kind of messages...or if you don't try to send FROM an actual email address in their system it will fail...etc......every once in a while you CAN in fact find a mail server that's not locked down...and you can send mail however you like...but this day and age...that's getting rare
Ya. I used to do this all the time a few years back, but they started to pick up on the security. So far you can usually only do this stuff on third party websites.
What kind of websites can you still do this on?
Doesn't work for me,,, a little help? I attached what I typed and the result I got after I pressed the enter key. after I pressed the enter key, the telnet screen was blank for 15-20 seconds and then showed that error. -J
Use the mail exchange with the lowest number for preference. You used the 4th alternate, try the main one instead.
Thanks for the suggestion, I tried it but to no avail. Am I getting this because my server is my wireless router?
What do you mean by that?
In the first picture when I type &quot;nslookup&quot; I don't get my web providers domain, I get my wireless router. I tried connecting to smtp.gmail.com and got a reply immediately though. However it told me I didn't have the right authentication. After testing some more later that night, I remembered I can use the &quot;tracert&quot; command to trace the ip address map all the way to a server. So I did:<br> tracert google.com<br> tracert yahoo.com<br> and looked at the similar addresses, the main ones happened to be from att.net. Then I went to this site: http://www.smtpinfo.com/smtp_servers.php and tried to used the mailhost.worldnet.att.net&nbsp; and I was able to send one (yay!) except I couldn't get the subject field, the from: field, or the To: field to be filled. Even though I had to specify the MAIL FROM: and the RCPT TO: before I could send it.<br>
yeah.. gmail may have gotten better about unauthorized smtp. there are still others that allow it though.
Any tips on getting those fields filled?
When you get connected to the server try typing in 'help' or similar. Some servers are actually user friendly lol.
I did that *feels smart-er than usually* but it only returned some of the commands. Most of them give a url that leads to some page on smtp basic rules and commands, but I don't think they are server specific. (I think GMail does the latter, if you wanna give it a shot.)
Try a different webserver maybe? Let me try gmail again and I'll try to see what's up.
every time i type in &quot;mail from:(any address)&quot; it says connection to host lost... =/
do you not have to enter a password in any of these steps in order to login to the email account??
Well, you aren't actually loging in to the email account, so no. Basically all that you can do is send an email from a spoofed address. you can't read the person's email that you send it from.
Hey dude<sub>,</sub><br/>It was really nice<sub>i followed upto some extent</sub>,but when i enetr my email address for the mail from<sub>,I'm always getting 555.5.5.2 syntax error.i7si17877668nfh.8</sub>,wat shud i do next <sub></sub>kindly guide me<sub>,my email address is joelovesvoldemort@gmail.com</sub><br/>
I assume you cant do this on Vista? I opened it and the nslookup didnt come up as anything
Actually you can... to stop random stupid people from messing around with telnet Microsoft copied Macintosh and put a tiny line of code before the telnet. To access telnet, you basically have to put in that code (i think its something along the lines of %*S# ) and then do everything normally. I actually don't know the code itself but you could look it up on google as "how to telnet from vista"
yep, thanks! i overlook google sometimes. turns out you have to manually turn on the telenet, and windows installs it for you
If this still was in voting I would definitely one-up it. I had tried it a while back, but couldn't get anything in the subject, who it was from, or in the body, but I still got an email. Now I can get it to look just like a real email. Here's the content of one of mine that worked-<br/><br/>220 mx.google.com ESMTP i49si17476598rne.0<br/>helo God<br/>250 mx.google.com at your service<br/>mail from:&lt;God&gt;<br/>250 2.1.0 OK<br/>rcpt to:&lt;patrickboatner@gmail.com&gt;<br/>250 2.1.5 OK<br/>data<br/>354 Go ahead<br/>from:God<br/>to:patrickboatner@gmail.com<br/>subject:Keep up the h good work<br/><br/> Hey Patrick,<br/>How has it been down there on earth? I hope you have a good summer.<br/>Keep up the good work, abnd I'kk be seeing you sometime soon.<br/>Sorry for all the typos, I didn't put a backspace key on my<br/>heavenly keyboard :) .<br/> His Majesty,<br/> God<br/>.<br/>250 2.0.0 OK 1211646734 i49si17476598rne.0<br/>quit<br/>221 2.0.0 mx.google.com closing connection i49si17476598rne.0<br/><br/>Connection to host lost.<br/><br/>And here's a picture from my inbox-<br/><em>https://www.instructables.com/files/orig/F5K/7I26/FGL9670I/F5K7I26FGL9670I.bmp</em><br/>
That is so funny! Glad to hear someone finally likes this.
Rogers' E-mail sever isn't locked down yet
roger's is a service provider
When i type in telnet gsmtp183.google.com 25 it says: unrecognized command. btw i have vista home premium
vista doesn't have telnet built in. you have to download it from the internet. sorry :(
yes it does, just go to control panel, programs and features, and click on "turn windows features on or off" on the left colum. scroll down to telnet client and cleck the box. it worked for me
Oh. I remembered seeing that telnet isn't installed in vista somewhere...
thats odd, are you sure? on the list of windows features that you click on it is the 6th one up from the bottom.
I don't have Vista, I just had read a snip about it not being there. I didn't read the whole thing, I just skimmed, so I probably missed that. If you can find it, then it's probably there.
oh, sorry
just a note: FUBAR is an old WWII acronym meaning Fouled Up Beyond All Repair
try typing bash once you telnet in, it might enable backspace
After i type in set type=mx<br/> gmail.com - it comes up with **** No mail exchange (MX) records available for gmail.com<br/>
Must be something with your setup because it worked for me.
so its pretty much just a complicated way to send an anonamous email??
It is kinda like forging e-mail, but ya I guess.

About This Instructable




More by duct tape:How to make a Jacob's Ladder! SMTP Fun Netcat fun! 
Add instructable to: