Tryign to send mail via a python script by using the local MTA

D

Denis McMahon

It's most likely an issue in your local SMTP server's configuration.

I'm not convinced about that. All the evidence is that OPs local mta
delivers the message to google. I think the issue is that google are
deciding the message is junk and dropping it in the bit recycling bin.

This is just as likely to be a feature of the random_char(50) subject and
random_char(500) message text as it is any local mta settings. I have no
idea what OPs random_char(x) does, but I also see no proof it doesn't
insert data that's illegal in subject or body. Even if it creates a
wholly valid message subject and body, it might look like something spammy
to google.

starttls suggests that whatever his mta is, it's using some form of auth
to communicate with gmail. It looks like his mail is delivered to the
google servers.

If he's trying to prove communication works, he might be better off using
a message subject of "test" and a message body of "this is a test
message".
 
H

Heiko Wundram

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 16.09.2013 13:21, schrieb Denis McMahon:
If he's trying to prove communication works, he might be better off
using a message subject of "test" and a message body of "this is a
test message".

Generally, he might be best off if he didn't use os.system() with
string-interpolated (without escaping or any such) and user-specified
(!) parameters to send out the mail using mailx though a sub-shell.

This begs of using his mailer script for code injection as his
web-server user, and I'm amazed that nobody has commented on that so far.

- --
- --- Heiko.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSNuxTAAoJEDMqpHf921/Sd8IH/2BcapK/dNqbs/PDz3LZLiUS
JYYmNaWSjui7KYJsA/A8R3XVaM0eyHkYI8dr8Jx6hPdPJyeE27MCKddF3GlYs17Z
iO1AydR2J8kYjXgVLrCWtfH3taB6ryUko6sOe1j/u0hYbQOATxuBPvxTVK4Wmi85
1m8unw9NvlTelAREg6WLudqpE9i115dns87+FTNcgNd3ieppJw+Cv2Mp6z3Yn3he
y0W9yMqH1LV4oW/6arZVVIcaWDHCb1I0L++aC8JLnOHYz1osf+34BbHHBcY6Qkty
reon+sWKwrlJ56o8Zi1Lx97ymxXxuvUtJS/5WGpRh/XLWYVBGCX3XA42DKqscQk=
=xENG
-----END PGP SIGNATURE-----
 
F

Ferrous Cranus

Στις 16/9/2013 2:21 μμ, ο/η Denis McMahon έγÏαψε:
I'm not convinced about that. All the evidence is that OPs local mta
delivers the message to google. I think the issue is that google are
deciding the message is junk and dropping it in the bit recycling bin.

This is just as likely to be a feature of the random_char(50) subject and
random_char(500) message text as it is any local mta settings. I have no
idea what OPs random_char(x) does, but I also see no proof it doesn't
insert data that's illegal in subject or body. Even if it creates a
wholly valid message subject and body, it might look like something spammy
to google.

starttls suggests that whatever his mta is, it's using some form of auth
to communicate with gmail. It looks like his mail is delivered to the
google servers.

If he's trying to prove communication works, he might be better off using
a message subject of "test" and a message body of "this is a test
message".
Hello Denis and thanks for dropping into the conversation.

here is the code again with the random function definition:

#
=================================================================================================================
# if html form is submitted then send user mail
#
=================================================================================================================
def random_char( y, chars=string.ascii_uppercase + string.digits ):
return ''.join( random.choice(chars) for x in range(y) )


for times in range(0, 10):
try:
# prepare mail data
FROM = random_char(8) + '@' + random_char(5) + '.com'
TO = "(e-mail address removed)"

SUBJECT = random_char( 50 )
MESSAGE = random_char( 500 )

os.system( "echo %s | mailx -v -r %s -s %s %s" % (MESSAGE, FROM,
SUBJECT, TO) )

print( "<h2><font color=blue>%sη αποστολή Ï€Ïος %s
επετεÏχθη!</font></h2>" % (times, TO) )
except Exception as e:
print( "sendmail => ", date, repr( sys.exc_info() ) )

sys.exit(0)
=================================================================


i have sent 10 mails to my personal Google account and i though they
were never get delivered but it seems that every half an hour or so,
one-by-one come into appearance into my GMail account which i access via
Thunderbird!

I don't know whats delaying them so long but they do come.

What i want now is to be able to alter the hostname of my server so the
mails wont indicate that they derive from superhost.gr as they aare now
sen in the mail headers.

I will show you an example when one more mail arrive into my gmail account.
 
H

Heiko Wundram

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 16.09.2013 13:37, schrieb Ferrous Cranus:
What i want now is to be able to alter the hostname of my server so
the mails wont indicate that they derive from superhost.gr as they
aare now sen in the mail headers.

There is no way to do that, as the Received:-header which you complain
about is inserted by Google mail servers.

- --
- --- Heiko.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSNu8bAAoJEDMqpHf921/SFjwH/RXH79ynaWTkdeYWc3koAPvv
wQJKaiYy0FMJgV0JoZqWcg6xc/gEfoyBVvMlxTjSI9Jq44Ay6p3xYl4mCV9Oxplc
nx3SD8XKE6HV8H8cdUE+MAVxcI4mhz43so6yG7vWFJskuKZMC4zCwnP3F2Wt3zNK
EpgYyyKSCG+5KOhnOryw3lVQ0qlsqp02/cEQbn3iWtoe5ojh8qFr+bHL1vs02gtK
16YgKXre+69ne1hs4Hcyj1OKzYHU+YJmP6WTbdIXFXv1ujS3pf0vjpPWLX8f02Y1
n0HHBL0hWvm9+rbxYXera75jQUqY0v042fDjajhKNa/Sq36OBeoW6vt5hysDBxc=
=4HLT
-----END PGP SIGNATURE-----
 
F

Ferrous Cranus

Στις 16/9/2013 2:44 μμ, ο/η Heiko Wundram έγÏαψε:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 16.09.2013 13:37, schrieb Ferrous Cranus:

There is no way to do that, as the Received:-header which you complain
about is inserted by Google mail servers.

true.
Even if now i have stopped using Google's SMTP Server as a means for
sending out mails and i have decided to use my local MTA instead, at the
very moment Google's POP servers receive the mail they still add a
RECEIVE header revealing the hostname of the server that initiated the
contact. Correct?

But even so, if we alter for example the hostname of our server to a
different name then wouldn't Google use that to identify the server thus
protecting the real identity(hostname that is) of the server that
initiated the connection?
 
H

Heiko Wundram

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 16.09.2013 14:11, schrieb Ferrous Cranus:
But even so, if we alter for example the hostname of our server to
a different name then wouldn't Google use that to identify the
server thus protecting the real identity(hostname that is) of the
server that initiated the connection?

Why on earth would you want to do that? Mail routing headers are there
for a reason.

- --
- --- Heiko.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSNvbTAAoJEDMqpHf921/SUMoH/2iX9pw0DiOWqHzAj1igbswY
tlQVigpz8eprFpsl84JW0+NAOFcpy65VdmwynJ57+qhHvChpdygGoNYjtStP37nF
oYbMNHs2gRA+dbhl3xxjedGgIzQinGM7aiy+7ZGU/KIGHorMykV0eUDQaObklFNb
oepbNMu1yo2U2PWyBHxlH8iehyECFdeKfLRJX6YrkT5jSS7EKKn6UuaCLKRMYJNN
sClGe4J5x5GnIsPtPSWK73rdmYtY/vLmM9P4tDKCBAJvdW5nU52EXLlMNzWu8lPS
wvg6bor1/meYPxfzIcmIvKTiYZ+omkmQ8iPkOGEupPCKp8SRB9J2iq8nQA0mYo4=
=1cDc
-----END PGP SIGNATURE-----
 
A

Antoon Pardon

Op 16-09-13 14:11, Ferrous Cranus schreef:
Στις 16/9/2013 2:44 μμ, ο/η Heiko Wundram έγÏαψε:

true.
Even if now i have stopped using Google's SMTP Server as a means for
sending out mails and i have decided to use my local MTA instead, at the
very moment Google's POP servers receive the mail they still add a
RECEIVE header revealing the hostname of the server that initiated the
contact. Correct?

But even so, if we alter for example the hostname of our server to a
different name then wouldn't Google use that to identify the server thus
protecting the real identity(hostname that is) of the server that
initiated the connection?

No, google will probably find out that the name your server identifies
with, will not correspond with the IP address it is connected to and
will write a receive line that will reflect that fact, using reverse
DNS to report the real hostname of your computer.
 
F

Ferrous Cranus

Στις 16/9/2013 3:56 μμ, ο/η Antoon Pardon έγÏαψε:
Op 16-09-13 14:11, Ferrous Cranus schreef:

No, google will probably find out that the name your server identifies
with, will not correspond with the IP address it is connected to and
will write a receive line that will reflect that fact, using reverse
DNS to report the real hostname of your computer.

We need to try it to see if it will work, or perhaps we can alter both
the hostname and ip address variables on the server to some other values
so that google will use them too.

It will not detect the real hostname or the real ip this way since both
values will be not true.
 
F

Ferrous Cranus

Στις 16/9/2013 3:56 μμ, ο/η Antoon Pardon έγÏαψε:
Op 16-09-13 14:11, Ferrous Cranus schreef:

No, google will probably find out that the name your server identifies
with, will not correspond with the IP address it is connected to and
will write a receive line that will reflect that fact, using reverse
DNS to report the real hostname of your computer.
Τhis si the headers i would like to delete because i dont want them to
be used when sending mail:

X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - my.superhost.gr
X-AntiAbuse: Original Domain - superhost.gr
X-AntiAbuse: Originator/Caller UID/GID - [500 501] / [47 12]
X-AntiAbuse: Sender Address Domain - mail.org
X-Get-Message-Sender-Via: my.superhost.gr: authenticated_id: nikos/only
user confirmed/virtual account not confirmed

Can these be remoevd when i send mail?
 
F

Ferrous Cranus

Στις 16/9/2013 7:15 μμ, ο/η Ferrous Cranus έγÏαψε:
Στις 16/9/2013 3:56 μμ, ο/η Antoon Pardon έγÏαψε:
Op 16-09-13 14:11, Ferrous Cranus schreef:

No, google will probably find out that the name your server identifies
with, will not correspond with the IP address it is connected to and
will write a receive line that will reflect that fact, using reverse
DNS to report the real hostname of your computer.
Τhis si the headers i would like to delete because i dont want them to
be used when sending mail:

X-AntiAbuse: This header was added to track abuse, please include it
with any abuse report
X-AntiAbuse: Primary Hostname - my.superhost.gr
X-AntiAbuse: Original Domain - superhost.gr
X-AntiAbuse: Originator/Caller UID/GID - [500 501] / [47 12]
X-AntiAbuse: Sender Address Domain - mail.org
X-Get-Message-Sender-Via: my.superhost.gr: authenticated_id: nikos/only
user confirmed/virtual account not confirmed

Can these be remoevd when i send mail?

and this too:

Received: from nikos by my.superhost.gr with local (Exim 4.80.1)
(envelope-from <[email protected]>)
id 1VLam4-0004nG-TJ

I wish this not to be displayed.
 
D

Denis McMahon

We need to try it to see if it will work, or perhaps we can alter both
the hostname and ip address variables on the server to some other values
so that google will use them too.

It will not detect the real hostname or the real ip this way since both
values will be not true.

It may however detect that your are presenting an ip and or hostname that
does not match the host you are connecting with, and increase the spf
score on the messages to the point that the messages get rejected either
in the google mta or downstream due to their spf score.
 
J

Joel Goldstick

It may however detect that your are presenting an ip and or hostname that
does not match the host you are connecting with, and increase the spf
score on the messages to the point that the messages get rejected either
in the google mta or downstream due to their spf score.

Nikos,

You have to start with a historical perspective. Email was very open in
the beginning of the internet. Before there were bad actors. Since that
time, email has become the internet service most used for bad purposes, to
deliver bad payloads, spoof people into visiting fake websites to induce
them to give away private information, etc. So, the email services have
gotten more particular about what they deem safe email in lots of different
ways. If you want to do these various odd and misleading things to the
emails you send out, you will have to understand how to 'beat the systems'
that have been employed to stop that stuff.

Having read your questions here for the last year(s) I don't believe this
is an area in which you excel. You always want quick answers to questions
that often show your complete lack basic understanding of the question
domain. If you really want to plod along with this email spoofing, why
not take a couple of weeks to read all about how email works on the
internet, how email has been used to deliver viruses and spoofing schemes.
After you understand that stuff well enough to show your competence in a
forum where there are other email experts, as your questions there. As
has been pointed out by several people here, your questions are not python
language issues, they are issues relating to how email protocols work. So,
study up and go to an email experts group and good luck!
 
F

Ferrous Cranus

Στις 16/9/2013 8:53 μμ, ο/η William Ray Wing έγÏαψε:
Στις 16/9/2013 3:56 μμ, ο/η Antoon Pardon έγÏαψε:
Op 16-09-13 14:11, Ferrous Cranus schreef:
Στις 16/9/2013 2:44 μμ, ο/η Heiko Wundram έγÏαψε:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 16.09.2013 13:37, schrieb Ferrous Cranus:
What i want now is to be able to alter the hostname of my server so
the mails wont indicate that they derive from superhost.gr as they
aare now sen in the mail headers.

There is no way to do that, as the Received:-header which you complain
about is inserted by Google mail servers.

true.
Even if now i have stopped using Google's SMTP Server as a means for
sending out mails and i have decided to use my local MTA instead, at the
very moment Google's POP servers receive the mail they still add a
RECEIVE header revealing the hostname of the server that initiated the
contact. Correct?

But even so, if we alter for example the hostname of our server to a
different name then wouldn't Google use that to identify the server thus
protecting the real identity(hostname that is) of the server that
initiated the connection?

No, google will probably find out that the name your server identifies
with, will not correspond with the IP address it is connected to and
will write a receive line that will reflect that fact, using reverse
DNS to report the real hostname of your computer.
Τhis si the headers i would like to delete because i dont want them to be used when sending mail:

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - my.superhost.gr
X-AntiAbuse: Original Domain - superhost.gr
X-AntiAbuse: Originator/Caller UID/GID - [500 501] / [47 12]
X-AntiAbuse: Sender Address Domain - mail.org
X-Get-Message-Sender-Via: my.superhost.gr: authenticated_id: nikos/only user confirmed/virtual account not confirmed

Can these be remoevd when i send mail?

You realize that removing those headers will, in all likelihood, make Google reject your mail and refuse to either forward or deliver it. They have been added to reduce spam, and the more you attempt to obfuscate your header information, the more you make your mail look exactly like spam.

-Bill
But i wish to try it, is there a way to try to remove them?

For starters, does my MTA add them as additional headers to my mail or
Google adds them by default ?
 
F

Ferrous Cranus

Στις 16/9/2013 10:09 μμ, ο/η Denis McMahon έγÏαψε:
It may however detect that your are presenting an ip and or hostname that
does not match the host you are connecting with, and increase the spf
score on the messages to the point that the messages get rejected either
in the google mta or downstream due to their spf score.

We have to try it to know for sure.

For example do ou know how can a later the hostname the MTA uses to
identify the server?
 
S

Steven D'Aprano

We need to try it to see if it will work, or perhaps we can alter both
the hostname and ip address variables on the server to some other values
so that google will use them too.

It will not detect the real hostname or the real ip this way since both
values will be not true.


Are you planning on sending spam? Or some other criminal activity?

I cannot fathom for the life of me a legitimate reason for your website
to use a fake IP address and hostname when sending email.
 
T

Tim Chase

X-AntiAbuse: This header was added to track abuse, please include
it with any abuse report X-AntiAbuse: Primary Hostname -
my.superhost.gr
X-AntiAbuse: Original Domain - superhost.gr
X-AntiAbuse: Originator/Caller UID/GID - [500 501] / [47 12]
X-AntiAbuse: Sender Address Domain - mail.org
X-Get-Message-Sender-Via: my.superhost.gr: authenticated_id:
nikos/only user confirmed/virtual account not confirmed

For starters, does my MTA add them as additional headers to my mail
or Google adds them by default ?

Given that there are headers in there that know about your UID/GID, it
has to be a locally-running process that adds them. No remote server
(even as powerful as Gmail is) should/can know this legitimately
without being told. Thus, it's clearly your local MTA.
But i wish to try it, is there a way to try to remove them?

You could manage your own SMTP connection. If only Python had some
built in library that handled SMTP, that would be great! Then you
would be able to instantiate some SMTP object, connect to another
server, optionally authenticating, then send mail, and close the
connection. That would be so awesome! :-D

-tkc
 
F

feedthetroll

Am Dienstag, 17. September 2013 03:40:06 UTC+2 schrieb Tim Chase:
On 2013-09-17 00:15, Ferrous Cranus wrote:
...

You could manage your own SMTP connection. If only Python had some
built in library that handled SMTP, that would be great! Then you
would be able to instantiate some SMTP object, connect to another
server, optionally authenticating, then send mail, and close the
connection. That would be so awesome! :-D
Cool idea! But bad, bad GMail won't let me fake the FROM-Header. Bad, bad GMail. WHINE! ;-)
(Hey, we reached the start of the thread. Infinite loops are sooooooo cool ;-) )
 
H

Heiko Wundram

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 17.09.2013 01:41, schrieb Steven D'Aprano:
I cannot fathom for the life of me a legitimate reason for your
website to use a fake IP address and hostname when sending email.

In addition to that: it's amazing that Nikos thinks TCP will still
work in the presence of spoofed IP addresses. Email without TCP is a
challenge, at the least.

- --
- --- Heiko.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSODMPAAoJEDMqpHf921/SC0YH/3rCWDcX+rzJKonfeJXUYNxz
nbrBPDsoZf6xPh0socOn88TrzgbZewhWf2l3dHAPOKxTAwUWjRjygatTccBmZur9
6B+t410Nq7axz5+0jg4OwBSOQVt3jr0YInK3vWzq4nd0V0cHchvZzfrdSmnEloDU
V3wIPhBM7MEavyuvrxhutIM8DxA/0z6L/cLhwnpHfE6AxVMeGh/dHhGK9eaxJ03C
pfPWgb2fuCRHrOd3+cLUx3ZFF6YkK00PZzICFhkx236K8iaTvBgqIsod2tpyP6+t
H9qlXCfxit1d6nEzTJavx4suBGStcbhDr1C6VlDaPjfVH+w8842h/0QLhTsMXjY=
=K/XL
-----END PGP SIGNATURE-----
 
F

Ferrous Cranus

Στις 17/9/2013 2:55 μμ, ο/η Joel Goldstick έγÏαψε:
In honour of the value of mailing lists in general lets stop this thread
since once again the troll pattern repeats ad infinitum.

At least if you want to add to this nonsense, read each of the
(several?) dozen entries.

1. a seemingly earnest question is asked with something to do with
python. The question looks like it is from an very anxious novice
2. errors are pointed out in the sloppiness of the code and as an aside,
the value of code in general is questioned since it is based on
assumptions that are completely muddled, misunderstood
3. people start to laugh and grouse "here we go again"
4. The troll whines back that he asked a good and question and people
are being mean to him
5. He draws more people into the thread who feel bad he was maligned.
6. the thread seems to go on with some (faux) value as people probe the
the basis of the discussion further
7. The troll, ignores every single bit of useful information provided
that doesn't serve his interest in keeping this going by slightly
altering the questions, or posing new variants, or raising hair-brain
notions. In other words he is not discussion his own question, he is
TROLLING to keep the thread alive.
8. Someone notices the cycle is complete.

Go back for a year to every question asked by the troll who goes by
Nikos or Ferrous, or 2 or three other email address (in the same
thread!) and see if any of them don't follow this pattern. If you are
new here and think this guy is worth your time, you are wasting
everyone's time and memory space or disk space to add to these threads

Ok, I won't do it again.

Yes you are doing it.
I'm not trolling but trying to solve a specific question and i have
provided code i wrote to do that and explained the reason of why i want
it to work like this.
I wouldn't waste my time trying code so many days until i make it work.

If you want to think i'm trolling go ahead and do it but please do it in
your own thread not messing up mines.

There are members here like Tim Chase who said that they find it
interesting to be able to do what i proposed.

It's ok if you dont want to help, but spamming my thread with your
trolling assumptions towards me is tiresome and if you gonna do it open
do it at least in your own thread.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,962
Messages
2,570,134
Members
46,692
Latest member
JenniferTi

Latest Threads

Top