550 User Unknown cmd telnet error (Email spoofing)

cmd.exegmailsmtptelnet

I'm trying to send email using telnet in cmd. I have connection with telnet now. Btw I'm using a disposable email provider.

C:\Users\Student>telnet mail.dispostable.com 25

then it brought me here: 

220 dispostable.com ESMTP

then I type the following command:

ehlo mail.dispostable.com

and I got:

250-Hi
250 SIZE 50000

I have successfully entered the "mail from:" command and received the 250 message successfully (means I'm set) but suddenly I failed on the "rcpt to:"

mail from: caaquino@dispostable.com
250 OK
rcpt to: cedr******@gmail.com
550 User Unknown

Can someone please enlighten me if I'm doing the right thing on choosing a temporary email provider as the sender account of this email and using Gmail as the receiver/victim.

I've been trying various email accounts for the recepients and always receive the 550 user unknown error.

Best Answer

As far as I can see, dispostable.com does not offer outgoing mail relaying. They have mail servers that accept incoming mail to @dispostable.com addresses, but haven't configured them to allow sending mail to any address from @dispostable.com.

In other words, the error message means, "You cannot relay mail through me to @gmail.com."

  • This means that you would have to connect either directly to the recipient's incoming-mail servers, or to an open relay server. (I honestly doubt you could find many open relays on today's spam-filled Internet.) For example, @gmail.com's incoming mail is handled by:

    $ dig gmail.com MX
gmail.com.      3574    IN  MX   5 gmail-smtp-in.l.google.com.
gmail.com.      3574    IN  MX  10 alt1.gmail-smtp-in.l.google.com.
gmail.com.      3574    IN  MX  20 alt2.gmail-smtp-in.l.google.com.
gmail.com.      3574    IN  MX  30 alt3.gmail-smtp-in.l.google.com.
gmail.com.      3574    IN  MX  40 alt4.gmail-smtp-in.l.google.com.

    However, if you do this, Gmail will likely reject your message as spam, because they will find a SPF record at dispostable.com saying that no servers should send mail claiming to from that domain:

    $ dig dispostable.com TXT
dispostable.com.    86340   IN  TXT "v=spf1 -all"

  • Most "real" mail providers do give users access through mail relay servers. In the past, you could use them pretty much the same way, by connecting to port :25 and sending the message.

    However, nowadays "incoming" and "outgoing (relay)" services are generally kept separate; the latter runs onĀ portĀ :587 and almost always requires authentication (password login). This is possible to do by hand, but isn't too easy.

    Most mail relay servers also only allow logins over TLS (SSL) encrypted connections, so you'd need openssl s_client or gnutls-cli instead of plain old telnet.

  • And, also, this is the correct syntax:

    MAIL FROM:<caaquino@dispostable.com>
RCPT TO:<cedr******@gmail.com>

    Note the < >s around the address, and no spaces after FROM:. Many servers accept variations, but some reject everything except this syntax.

Related Question