Mail spoofing

from Wikipedia, the free encyclopedia

Mail spoofing is the name given to various attempts at deception (spoofing) in e-mails in order to fake other identities.

The sender can easily enter a sender address that either does not belong to them or does not exist. At first glance, it looks to the recipient as if this is the correct sender address.

This is possible because SMTP does not check the sender address.

Indications that a sender address has been falsified can be obtained from the SMTP server used. For example, if a user sends an e-mail as firstname.surname@example.com and does not use one of EXAMPLE's SMTP servers but an unknown one, the e-mail could be forged.

A changed sender address is not necessarily malicious: a user may have to send mail via the Internet provider's mail server, or may simply choose to do so. One reason can be that the provider forbids customers from establishing connections to mail servers and allows only a single one of its own computers to send mail. This prevents open mail relays in its own network and the entry of that network in a blacklist.

E-mail address spoofing is possible via open relays (SMTP servers that do not require authentication to send).

Spoofing is generally possible in different ways, and a programmer can simplify or automate the process with scripting and programming languages that support SMTP. In PHP, for example, it is very easy to add another header:

mail("ziel@provider.tld", "Grüße", "Grüße von Carla!", "From: carla@provider2.tld", "-f carla@provider2.tld");

The message sent in this way does not necessarily come from Carla.

This is often used by phishers to fool the recipient into thinking that the message comes from their bank or something similar, in order to obtain data.

Some mail providers filter on this characteristic and classify such mail as spam, although there are some useful uses of mail spoofing. For example, it makes sense to allow mail traffic from only a single server in a campus network in order to prevent hacked client computers from sending spam.

Domain owners can use SPF records to protect themselves against spoofing abuse. For this to work, the recipient must have an appropriate spam filter in use.
