Slide 1

Slide 1 text

EMAIL VALIDATION USING SMTP
ABU ASHRAF MASNUN
@MASNUN

Slide 2

Slide 2 text

SMTP SIMPLIFIED
[Diagram: Gmail, Internet, iCloud; [email protected], [email protected]]

Slide 3

Slide 3 text

TALKING SMTP
• (Connect to Server)
• Server: Good morning to you sir. I am smtp.icloud.com, and you?
• Client: Hello I am smtp.gmail.com
• Server: Hello smtp.gmail.com, I am so glad to meet you. How can I help you?
• Client: I want to send an email from [email protected]
• Server: Alright. Tell me more.
• Client: I need to send it to [email protected]
• Server: Sounds good. Keep going.
• Client: Here’s the message body – “Hello there!”
• Server: Got it, I am putting it in a queue for delivery
• Client: Thanks a lot, disconnecting now, talk later!
• Server: Bye bye!
• (Disconnects)

Slide 4

Slide 4 text

KEY COMMANDS
• MAIL – pass the email address you want to send from
• RCPT – the email address you want to send to
• DATA – pass the full email, including headers, message body

Slide 5

Slide 5 text

OUR STRATEGY
• Pretend to be an email service provider
• Connect to the target SMTP server
• Continue up to the RCPT command and see if it fails
• Most SMTP servers would send back a 550 if the user does not exist
• Handle the exceptional cases

Slide 6

Slide 6 text

STEP – 1 : LOOKUP THE MX RECORD
• Email address: [email protected]
• Host: me.com

Slide 7

Slide 7 text

STEP – 2,3,4: TALK SMTP

Slide 8

Slide 8 text

STEP - 5 : MAKING SENSE OF THE RESPONSE
• Check the errors
• Check the error code to find the specific reason for failure
• We are only interested in 550 for now
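
Added example, not from the original slides: one way to interpret the RCPT reply from step 5 in Python, including multi-line replies and the "exceptional cases" the strategy slide mentions. The `accepts_everything` flag and the result labels are hypothetical names, and the 5.7.x policy check uses RFC 3463 enhanced status codes, which goes beyond the plain 550 test on the slide.

```python
import re

# One reply line: 3-digit code, then "-" (more lines follow) or " " (final line).
REPLY_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")
# Optional RFC 3463 enhanced status code leading the text, e.g. "5.1.1".
ENHANCED = re.compile(r"^([245])\.(\d{1,3})\.(\d{1,3})(?:\s|$)")


def parse_reply(raw):
    """Return (code, enhanced, text) for a possibly multi-line SMTP reply."""
    lines = [ln for ln in raw.replace("\r\n", "\n").split("\n") if ln]
    if not lines:
        raise ValueError("empty reply")
    code, enhanced, texts = None, None, []
    for i, line in enumerate(lines):
        m = REPLY_LINE.match(line)
        if not m or (code is not None and m.group(1) != code):
            raise ValueError("malformed reply line: %r" % line)
        is_last = i == len(lines) - 1
        if (m.group(2) == "-") == is_last:
            raise ValueError("bad continuation marker: %r" % line)
        code, text = m.group(1), m.group(3) or ""
        e = ENHANCED.match(text)
        if e:
            enhanced, text = e.group(0).strip(), text[e.end():]
        texts.append(text.strip())
    return int(code), enhanced, " ".join(t for t in texts if t)


def classify_rcpt(raw, accepts_everything=False):
    """Map an RCPT reply to: exists, missing, blocked, retry or unknown."""
    code, enhanced, _ = parse_reply(raw)
    if 200 <= code < 300:
        # A server that answers 250 for every address proves nothing.
        return "unknown" if accepts_everything else "exists"
    if 400 <= code < 500:
        return "retry"      # temporary failure: greylisting, throttling
    if code == 550:
        # 5.7.x is a policy refusal (blocked sender/IP), not a missing mailbox.
        if enhanced and enhanced.startswith("5.7."):
            return "blocked"
        return "missing"
    return "unknown"        # other 5xx: not the "no such user" signal
```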

Slide 9

Slide 9 text

LESSONS LEARNED SO FAR
• Looks simple but not simple at all!
• Yahoo! always sends a positive response to prevent spam
• For Yahoo!, you need to follow a separate workaround that involves sending an actual email
• Cache MX lookups
• Query different MX servers
• Store the results in a database, don’t query the same address twice
• Rotate IP address / Use proxies or VPNs
• Throttle requests

Slide 10

Slide 10 text

FURTHER DISCUSSION
• Email me: [email protected]
• Twitter: @masnun
• Discuss after my session