impersonating Juan, a quick test

John Newman jnn at synfin.org
Mon Jul 15 06:39:57 PDT 2019 

Sorry, I wasn't looking at the list yesterday. My spoofed 
header attempt used my actual cock.li login at port 587
of mx1.cock.li... I tried sending it with a "MAIL FROM: 
punk..", but those didn't go through, so then I just
used the same address I had authenticated with, and did 
an extremely rudimentary header spoof in the DATA 
section.  This made it through, although it had my cock.li 
address as a "Return-Path" in the headers, and then I sort 
of got bored and moved on to something else....

Of course, I tried just blasting it through cock.li without 
any SMTP authentication first, but as I suspected it's not
an open relay :). I had zero confidence that this would've 
worked but had to try. The whole point of doing the 
spoofed headers using cock.li's server was to make it look
authentic... You can spoof the headers from almost 
anywhere that lets you send SMTP but I wanted cock.li
servers to show up in the headers. I considered it a fail
because of what I mentioned in the first paragraph, but 
I haven't looked at the previous impersonation emails
closely enough to say for sure how they happened, but as
I recall they were better than mine (they were routed 
through cock.li servers but I don't remember any 
give-away "return-path" header or anything else). I'll take
another look at them when I have time to see what I may
have missed.

cheers
John


On July 15, 2019 12:59:08 AM UTC, Mirimir <mirimir at riseup.net> wrote:
>On 07/14/2019 05:04 PM, Punk wrote:
>> On Sun, 14 Jul 2019 16:13:26 -0700
>> Mirimir <mirimir at riseup.net> wrote:
>> 
>> 
>>> You are such an jerk.
>>>
>>> Why would you speculate about someone "guessing" your password, or
>Vince
>>> "playing games", after John clearly said that he spoofed some
>header?
>> 
>> 	because spoofing headers DOESNT actually WORK!! Doesn't "work" in
>the sense of creating a message that looks authentic. 
>> 
>> 	if you look at the headers of message 075590, which I didn't write,
>the headers look authentic :
>> 
>> 	https://lists.cpunks.org/pipermail/cypherpunks/2019-July/075590.html
>
>OK, I get it. Sorry to be such a jerk. I hadn't read the earlier posts
>about spoofed messages from your CockMail account. And I thought that
>you were referring to John's message that you replied to, not this
>other
>message, "Boomerhedge - Boomer Propaganda Cesspool".
>
>But seriously, that one is even less well spoofed.
>
>| From: Punk <punk at tfwno.gf>
>
>vs the message I'm replying to now
>
>| From: Punk <punks at tfwno.gf>
>
>> 	John tried doing the same thing and failed because a random cock.li
>user can't spoof a header in a way that makes it look *authentic*. SO,
>if the header IS authentic or a 'perfect fake',  then there are a few
>options 
>> 
>> 	1) somebody has my password
>> 
>> 	2) or cock.li's admin himself sent the messages (both 1 and 2 as
>suggested by Shawn)
>> 
>> 	3) or I'm lying and no message was spoofed. So I first wrote a
>message saying that zerohedge is garbage and then I wrote a reply to my
>own message as if I were a different person, disgagreeing with myself.
>Because I'm that retarded. 
>> 
>> 	needless to say I KNOW option 3 is false, but you're free to believe
>in such 'conspiracy theory'. 
>
>Unless I missed something, I doubt that your account has been
>compromised. Or that Vince is fucking with you.
>
>>> You can bullshit all you want, but it was a dumb thing to say, and
>it
>>> makes you look like an idiot. And it makes me wonder whether he
>actually
>>> got it right, because I don't recall you being as idiotic as this ;)
>> 
>> 
>> 	So what about YOU misreading what I said? You're clearly
>misunderstanding something. I'm even willing to admit it's because of
>my less than perfect english...But hopefully NOW you got it.
>
>Yes, I got it. Sorry. Just crabby today, I guess.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20190715/3299711b/attachment.sig>

More information about the cypherpunks mailing list