dslogo1.gif
Home
Tutorials
Password Crackers
Dictionary/Word Lists
Unix
Encryption
Port Scanners
Privacy/Anonymity
Trojans
Contact/About Me
The Lighter Side
Proxy Servers
Password Managers
Anti-Trojan/Virus
Personal Firewalls
Anti-Spyware
Secure File Deletion
Internet Cleanup Tools
PC Access Control
System Utilities
Email Security
Instant Messengers
Virus Creation Software
IRC
Web Development
Digital Soldier M.A.M.E
Digital Soldier Wallpaper
Digital Soldier Emulation
Digital Soldier Javascripts
Digital Soldier Games Spot

anonymous mailservers
 
I. INTRODUCTION
Let me tell you why I'm writing this text:
There are only a few people on the Net who really know what's meant
by "anonymous mailservers". And many newbies and also average users
send they're illegal mails/spam over a so-called "anonymous" hotmail-
(usa.net-) account ...
 -------------------------------------------------------------------------
II. BASIC INFORMATION
Every normal mail you send though a mailserver contains several
informations in the header. this header could be easily viewed by
any one who is interested in (try to find the option you have to
enable in your mail-client or try pressing CTRL-H while viewing the
mail).
These header contains one line which is important for us:
[...]
Received: from HOSTNAME ([ip])
 by mailserver (8.8.5/8.8.5) with SMTP id AAA28185
 for <victim@server.ext>;
[...]
This line looks different on different mailservers, but it mainly
contains the same information: your HOSTNAME and your IP (!).
Everybody could now see what provider you're using. He/she could
write a simple mail to your Postmaster (postmaster@provider.ext)
to get your real identity.
Just try it out! Send yourself a simple single testmail and take
a look in the complete header.
 -------------------------------------------------------------------------
III. DIFFERENT WAYS TO SEND/RECIEVE ANONYMOUS MAIL
There are several ways. This tutorial will only cover one of these,
because I think it's the most simple and most comfortable way.
a) REMAILERS
The most secure method is using any remailers. These remailers "cut off"
the Hostname and IP in your mails and forwards them (anonymous) to your
victim.
ADVANTAGES: - these remailers could be used "in a row" (you can send
              yor mail through many of them)
            - very secure (they do not keep logs and you can use pgp)
DISADVANTAGES:
            - you can't recieve any mail and you'll have to use
              a special client (like Private Idaho) for sending
              these mails
            - remailers often need hours to send a mail to your victim
I cannot provide you any information on these remailers, they're
wide-spread all over the Net. If you can't find anything, send
a mail to help@weasel.owl.de (one of the remailers) first.
b) FORMS ON THE NET/FREE WEB-BASED EMAIL
FormMails (scripts for use with Forms on Web-pages, more information
in any HTML-tutorial) often do not get YOUR ip/hostname, because you do
not *directly* use the mailserver: The contents of your mail(form) are
transported by the Webserver, which will send the mail.
ADVANTAGES: - you can often enter any sender-address, eg. of your "best
              friend" or anybody else :-) or just your own one (think
              about free email-remailers)
            - mail should be send at once
DISADVANTAGES:
            - you have to use a form online, you can't write offline
            - about 99,9% of this formmailers do also keep log so you're
              not 100% anonymous (!)
These formmailers could be easily found ... do not bother me about it.
*ATTENTION*: Most of this free web-based emailservices use this or any
similar system, but they often include YOUR IP in their mails (like
Hotmail...). I haven't found any web-based service which is really
anonymous. And everybody could email your admin again to get you/kill
your account.
c) "PUBLIC" SMTP-SERVERS
This is the part I want to concentrate on because I think it's
a good compromise between anonymity and "normal" mailing. You
can use your preferred email-client, no restrictions are made.
Let me explain a bit more:
As you could see in CHAPTER II. every standard mail you send contains
IP [not easy to fake] and HOSTNAME [you can fake it using email-bombers].
Some servers all over the world use old versions of Sendmail which
does NOT include your IP (sometimes not even your Hostname). You can
use them as your normal server (let's say mail.aol.com or
mail.compuserve.com) in your own client...
A mail over one of these old servers contains the following or
similar information:
[...]
Received: from HOSTNAME by mailserver (8.8.7/ZRZ-Gen-8) with SMTP id AAA23022
 for <victim@server.ext>;
[...]
 -------------------------------------------------------------------------
IV. HOW TO DISCOVER THESE ANONYMOUS SERVERS
First time I tried around with several servers (catch your preferred
mailbomber like KABOOM, UNABOMB or anything else), I was really
disappointed how rare to find such a mailserver is.
I used nearly ALL URLs I got to send a mail over them (got the fine
16bit-tool MAILSCAN for doing this; more see CHAPTER V.) and
after a half year I only got 2 or 3 "hits".
So I asked myself: "Where is the always existing better way? ;-)"
Finally I got it and now (about 1/4 year later ;) I'll share it
with you.
The most "working" anonymous servers had 'cryptic' URLs like
czcz4.stm.xx.ext in foreign countries like Croatia...
        { funny enough: mail.eule.de works ;) }
About 80% of mailservers I found had the extension .CN (<-- dunno
exactly what country it is)... so I used the normally un-used
command "HOST: CN" in Altavista [did only work in this searchengine,
try out others too] to show up all servers using .CN or .NET.CN .
Now you'll have enough servers to try out... and normally 50% or more
work... a minute to find one of them with a good mailbomber or -scanner.
BTW: You don't have to try it with the .CN given here, use others too.