Email Spoofing

SMTP Protocol and Message Format

SMTP Protocol

The SMTP design can be pictured as:


                  +----------+                +----------+
      +------+    |          |                |          |
      | User |<-->|          |      SMTP      |          |
      +------+    |  Client- |Commands/Replies| Server-  |
      +------+    |   SMTP   |<-------------->|    SMTP  |    +------+
      | File |<-->|          |    and Mail    |          |<-->| File |
      |System|    |          |                |          |    |System|
      +------+    +----------+                +----------+    +------+
                   SMTP client                SMTP server

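Interaction

Use the command openssl s_client -connect smtp.163.com:465 to connect to the 163 SMTP server and drive the session interactively. To log in to 163's SMTP service, you must first enable the SMTP service and obtain an authorization password, as shown in the figure below.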

helo example.com
auth login
YWxpY2VAMT*****YzLmNvbQo=
cGFzc3dv*****cmQK                   # the base64-encoded authorization code goes here
mail from: <[email protected]>
rcpt to: <[email protected]>
data
to: [email protected]
from: [email protected]
subject: test mail

this is a test mail from cli

.

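SMTP commands must be sent in the order the protocol specifies; see RFC 5321, section 4.1.4, Order of Commands.

  • First send EHLO (or HELO), which initializes the session or starts a new mail transaction (as I understand it, sending one message counts as one transaction). EHLO/HELO carries the client's FQDN (domain name) to the server as the client identifier, but it can also carry an arbitrary address string.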

Command (case-insensitive): EHLO/HELO
  Form: EHLO <Domain><CRLF>
  Example: EHLO youngseaz.com
  Description: A session that will contain mail transactions MUST first be initialized by the use of the EHLO command. These commands are used to identify the SMTP client to the SMTP server. The argument clause contains the fully-qualified domain name of the SMTP
  Remarks: The SMTP command EHLO, superseding the earlier HELO

Command (case-insensitive): AUTH
  Form: AUTH [LOGIN|PLAIN|CRAM-MD5]
  Example: AUTH LOGIN
  Description: Supports three authentication mechanisms: LOGIN, PLAIN and CRAM-MD5
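
The command-order rule from RFC 5321 section 4.1.4 can be checked mechanically over the lines a client sends, for example when reviewing captured sessions or validating a test client. The Python below is an added example, not part of the original page: the name check_order, the state names and both sample sessions are assumptions made for illustration. It tracks only the client side, and it accepts AUTH after HELO because the session shown above does.

```python
# Added example: client-side SMTP command-order check, simplified from RFC 5321 4.1.4.
ANYTIME = {"NOOP", "HELP", "EXPN", "VRFY", "RSET", "QUIT"}
# verb -> (states where it is allowed, state afterwards, complaint otherwise)
RULES = {
    "AUTH": ({"greeted"}, "greeted", "AUTH inside a mail transaction"),
    "MAIL": ({"greeted"}, "mail", "MAIL inside an open transaction"),
    "RCPT": ({"mail", "rcpt"}, "rcpt", "RCPT before MAIL"),
    "DATA": ({"rcpt"}, "data", "DATA before RCPT"),
}

def check_order(lines):
    """Return [(line_number, problem)] for client commands sent out of order."""
    state, skip, problems = "start", 0, []   # start -> greeted -> mail -> rcpt -> data
    for n, raw in enumerate(lines, 1):
        line = raw.strip()
        if state == "data":                  # message content, not commands
            if line == ".":                  # a lone dot ends the message
                state = "greeted"
            continue
        if skip or not line:                 # base64 replies to AUTH LOGIN, blank lines
            skip = max(skip - 1, 0)
            continue
        words = line.upper().replace(":", " ").split()
        verb = words[0]
        if verb == "AUTH" and words[1:] == ["LOGIN"]:
            skip = 2                         # username line, then secret line
        if verb in ("EHLO", "HELO"):
            state = "greeted"                # a later EHLO also resets the transaction
        elif verb in ANYTIME:
            if verb == "RSET" and state != "start":
                state = "greeted"            # RSET aborts the open transaction
        elif state == "start":
            problems.append((n, verb + " before EHLO/HELO"))
        elif verb in RULES:
            allowed, after, complaint = RULES[verb]
            if state in allowed:
                state = after
            else:
                problems.append((n, complaint))
    return problems

# Constructed sample input: same shape as the session above, placeholder values.
GOOD = ["helo example.com", "auth login", "dXNlcg==", "cGFzcw==",
        "mail from: <a@example.com>", "rcpt to: <b@example.com>", "data",
        "subject: test mail", "", "this is a test mail from cli", ".", "quit"]
BAD = ["mail from: <a@example.com>", "helo example.com", "data"]

if __name__ == "__main__":
    print(check_order(GOOD), check_order(BAD))
```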

Email Forgery
