Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all,
Vanilla are planning an update to the site on April 24th (next Wednesday). It is a major PHP8 update which is expected to boost performance across the site. The site will be down from 7pm and it is expected to take about an hour to complete. We appreciate your patience during the update.
Thanks all.

Checking to see if an email address is fake?

Options
  • 20-04-2003 8:12pm
    #1
    Venom
    Registered Users Posts: 6,984 ✭✭✭


    Cant go into to much details but I have been asked to check out an email address to see if it is real or not. I have no idea how to do this and was wondering if anyone could help?

    The address is james.robinson@kuwait.army.mil and is supposed to be a us army email address.

    Can anyone help me out?


Comments

  • Options
    #2
    seamus
    Registered Users Posts: 68,317 ✭✭✭✭seamus


    You probably know more about this than I do, but the only things I can suggest are telnetting via SMTP into the kuwait.army.mil server (to verify that the server actually exists), and sending an effectively blank email to the address, using a temporary address. Give it a day or so, and if you don't receive an 'unknown recipient' reply, then delete the temporary email address. So if the owner of the military address attempts to reply with a WTF?, they'll get an 'unknown recipient' reply and assume it was spam or somesuch.

    But no doubt there's a better way that I don't know about :)


  • Options
    #3
    daveirl
    Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Options
    #4
    Venom
    Registered Users Posts: 6,984 ✭✭✭Venom


    Thanks guys. Just wanted to further add the the web site http://www.kuwait.army.mil/ does exist, as in it is a real web site. Now Iv gone to a few of the links and they seem to contain real info.

    Now taking into account the info that daveirl posted (cheers mate, oue ya a pint ), would I be correct in my thinking that although it may be a real us military website, the email address in question is in fact faked using a address mask of some kind?

    Sorry to be a pain about this, but I just want to get the facts straight in my head.


  • Options
    #5
    daveirl
    Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Options
    #6
    Venom
    Registered Users Posts: 6,984 ✭✭✭Venom


    No I havent sent any email to the address yet.


  • Advertisement
  • Options
    #7
    daveirl
    Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Options
    #8
    Venom
    Registered Users Posts: 6,984 ✭✭✭Venom


    Nope i just saw it listed on another website where he is asking for donations for the troops.


  • Options
    #9
    yellum
    Closed Accounts Posts: 5,025 ✭✭✭yellum


    Originally posted by seamus
    You probably know more about this than I do, but the only things I can suggest are telnetting via SMTP into the kuwait.army.mil server (to verify that the server actually exists), and sending an effectively blank email to the address, using a temporary address.

    Uhm, if that were the case it would be used as a mail relay and would have every spammer in the world using it. Most SMTP servers will not let u connect to it that way anymore. They have some lockdowns now, such as only allowing certain ip ranges to connect to it or having some sort of authentication going.

    Also, it can still exist even if you can't ping it.

    A google search showed that the email format in question is correct. Depends now if that particular one exists.


  • Options
    #10
    dahamsta
    Banned (with Prison Access) Posts: 16,659 ✭✭✭✭dahamsta


    Originally posted by yellum
    Uhm, if that were the case it would be used as a mail relay and would have every spammer in the world using it. Most SMTP servers will not let u connect to it that way anymore. They have some lockdowns now, such as only allowing certain ip ranges to connect to it or having some sort of authentication going.
    Well, kind of, but not really.

    First of all, a delivery attempt to a local user isn't relaying, it's a delivery attempt, which is why dictionary attacks are so popular.

    Secondly, relay checks are done after the helo, mail from and rcpt to commands, but before the data command, so you can connect to a server and check for a valid user on that server without upsetting anyone. You don't even need to send a blank email.

    You can see successful and failed session examples here. In this case, we don't even get as far as the server:
    [abeecher@gerrytwigg abeecher]$ telnet kuwait.army.mil 25
    Trying 143.81.8.2...
    telnet: connect to address 143.81.8.2: No route to host
    That's not necessarily because the host doesn't exist, but because the host doesn't have a valid MX record, or possibly because the mail server isn't on or listening on port 25.

    Of course it's still possible that yellum is right, and that the host is locked down to specific IP ranges (the US Army LAN, for example); but from an outsider's perspective, no, that isn't a valid email address. It's not even a valid mail host.

    [BTW, kuwait.army.mil does have an MX record, in fact it has five. I would imagine that the address is for internal US Army only, or the mail servers are offline. I'm tired now, I'll leave the rest as an exercise to the reader. :)]

    adam


  • Options
    #11
    seamus
    Registered Users Posts: 68,317 ✭✭✭✭seamus


    Originally posted by yellum
    Uhm, if that were the case it would be used as a mail relay and would have every spammer in the world using it. Most SMTP servers will not let u connect to it that way anymore. They have some lockdowns now, such as only allowing certain ip ranges to connect to it or having some sort of authentication going.
    Heh I know, I should have worded my statement better;
    and sending an effectively blank email to the address, using a temporary address. - is the second suggestion. If all else fails, you can send the mail from your local machine - assuming you have an SMTP server on it, and admin access to add/delete addresses :)


  • Advertisement
  • Options
    #12
    logic1
    Closed Accounts Posts: 3,859 ✭✭✭logic1


    nmap -P0 kuwait.army.mil

    Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
    Interesting ports on webmail.kuwait.army.mil (143.81.8.2):
    (The 1595 ports scanned but not shown below are in state: closed)
    Port State Service
    21/tcp filtered ftp
    22/tcp filtered ssh
    23/tcp filtered telnet
    25/tcp filtered smtp
    80/tcp filtered http
    110/tcp filtered pop-3

    Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds


    It's up alright and all open ports are filtered and it's blocking all ctcp queries which is why you couldn't ping it.

    Whether the james.robinson@kuwait.army.mil address is real or not you'll simply have to mail it to find out.

    .logic.


  • Options
    #13
    Venom
    Registered Users Posts: 6,984 ✭✭✭Venom


    Thx for the insights guys :)


  • Options
    #14
    happydude13
    Registered Users Posts: 173 ✭✭happydude13


    this is he -- perhaps.

    http://csmweb2.emcweb.com/durable/2000/04/06/p1s5.htm


  • Options
    #15
    Sposs
    Registered Users Posts: 2,472 ✭✭✭Sposs


    According to this http://visualroute.visualware.com/

    The server is in Kuwait so it could be genuine!


Advertisement