Scope of this documentEveryone has at one time or the other faced the need to quickly check your POP3 mail this is the traditional mailbox format your ISP uses to give you an emailaddres
Trang 1Scope of this document
Everyone has at one time or the other faced the need to quickly check your POP3 mail (this is the traditional mailbox format your ISP uses to give you an emailaddress POP3
(stands for Post Office Protocol) or to send mail using SMTP (Simple Mail Transport
Protocol) While it is becoming increasingly common to try to get to the mail through a
webmail front end, this document should help you read your email without having to leave any footprints and consequent vulnerabilities on the guest machine (be aware, public machines may be logged in as the system administrator needs, this is not a way to bypass the security, but a method to keep your information private) This document should help revive the black art of using a telnetscreen to quickly and efficiently retrieve and send emails without any other software There is another need to keeping knowledge
of these skills handy, this method is impervious to any email trojan, virus, spyware etc which means that you can safely get a gist of the mail, before your email client gets a glimpse of it If your email client is crashing because of a particular email in your
mailbox, you can safely get rid of it using this method
What you need
1 A telnet program; this isn't as hard to find as you might think Most versions of Windows have a rather competent version of telnet that ships with the OS To get
to the telnet program, simply open a command prompt(START > RUN > cmd) and then type the command telnet
2 Your email serveraddresses: If your email addressis statica@pcmechanic.com ; the server is usually mail.pcmech.com ; however some servers have separate subdomains like pop.pcmech.com for the incoming server and smtp.pcmech.com for outgoing server
3 Your username and password
Reading email
Nomenclature: commands that you type are in bold; explanation of commands are in {italics} Stuff that
you see on the screen are given in red text
For the purposes of my illustration let's assume the following:
Your POP3 mail server address is: mail.company.com
Your username is: johnny.lunchpail
Your password is: sandwich
Now that you've got the command prompt running (Windows XP and 2000 users) by going to START then RUN and type cmd ; the magic can begin
You should see the familiar directory prompt something that looks like:
mail.company.com 110
{this instructs your telnet program to connect to mail.company.com and port 110, the standard port for most POP3
servers}
+OK POP3 welcome to Company mail server
{a standard greeting identifying the server}
Trang 2user johnny.lunchpail
+OK welcome
{The user command identifies the user}
pass sandwich
+OK maildrop locked and ready
{The pass command must follow the user command, authenticating us}
stat
{This command lists the "statistics" of our mailbox}
+OK 4 44767
{there are 4 mails occupying 44767 bytes}
list
{list messages}
+OK 4 messages (44767 octets)
1 34012
2 2045
3 2903
4 5807
{the messages have been listed in the order they were received and their sizes}
retr 2
{this retrieves mail #2 on the list}
+OK 2045 octets
X-Apparently-To: johnny.lunchpail@company.com via
206.xx.11.111; Thu, 09 Sep 2004 23:02:52 -0700
X-Originating-IP: [216.xx.11.111]
Return-Path:
Received: from 206.xx.111.112 (HELO mail.company2.com)
(216.xxx.131.194) by mail.sender.com with SMTP; Thu, 09 Sep
2004 23:02:51 -0700
From: "Get rich" richness@richguys.com
To: johnny.lunchpail@company.com
Subject: Allergies bothering you? Buy drugs online
Why don't you buy drugs from our website
dele 3
+OK msg deleted
{sets message 3 for deletion, notice that the mail will not be deleted till you log out of your mailbox}
rset
+OK
{is an oops command, allows reset of the mailbox state as it was when you logged in, removes the deletion state for mail
3}
dele 2
+OK msg deleted
{now that is what we intended to delete}
quit
{self explanatory, the user logs off, deleting any messages that were marked for deletion}
Commands Glossary:
user: identifies the username
Trang 3 pass: issues the password
stat: gets the mailbox statistics
list: lists the mails in the mailbox
retr x: retrieves mail #x from the list above
dele x: marks mail #x from the list
top x y: retrieves the first y lines of mail #x (for example top 2 400 will get the first
400 lines of mail #2)
rset: reset the mailbox state and undelete any mails that were marked for deletion in
the current session
noop: this does nothing, just a command usually used to keep the connection alive
while you sip your coffee
quit: quit the server, delete all mails that were marked for deletion and say bye
Final considerations for reading email using telnet
As you can see, this is a very efficient way of retrieving emails from unfamiliar networks, especially over very slow connections, where there are overheads and security
implications of using a browser Of course, there are some basic shortfalls to this method; attachments will not be decoded, so be careful retrieving mails that are huge, the top command works well in showing you the text before the attachment comes through (Email is nicely arranged to contain the subject and body text before the attachment) A vast number of annoying email clients insist on including or sending emails in HTML; this might result in seeing HTML tags on your telnet window Hopefully this will also convince you to use plain text for emails, HTML is meant for browsers, email is meant to
be in text; there are no need for special colors and fonts for email - not only does it make emails more bloated than they need to be (for the same amount of information conveyed), but it also is the root cause of a lot of the rogue programs that are transmitted by email
Sending emails
Nomenclature: commands that you type are in bold; explanation of commands are in {italics} Stuff that
you see on the screen are given in red text
For the purposes of my illustration let's assume the following:
Your SMTP (outgoing) mail server address is: mail.company.com
Your email address is: johnny.lunchpail@company.com
Now that you've got the command prompt running (Windows XP and 2000 users by going to START then RUN and type cmd) ; You should see the familiar directory
prompt something that looks like:
mail.company.com 25
{this instructs your telnet program to connect to mail.company.com and port 25, the standard port for most SMTP servers}
220 welcome to mail.company.com STMP version 1.3.0
HELO johnny.home.com
250 mail.company.com Hello johnny.home.com
{this is a handshake, to identify yourself to the computer}
Trang 4MAIL FROM: johnny.lunchpail@company.com
250 johnny.lunchpail@company.com Sender ok
{Establish who the mail is from}
RCPT TO: boss@company.com
250 boss@company.com Recipient ok
{Establish whom the mail is going out to}
DATA
{this signifies that you are now going to type your email}
Subject: Client not pleased
{leave 1 blank line after typing Subject: so that traditional mail programs will recognize the first line as the subject of the
mail}
Sir:
The client is not pleased that there were no Cokes in the vending machine; on attempting to placate client with
Nachos - the vending machine ate client's money without dispensing said snack.
.
{this is a very important line a dot on a new line signifies the end of the mail}
250 Message accepted for delivery
QUIT
{this is the goodbye}
Final considerations for sending email using telnet
As you can see, this is a very efficient way of sending emails without having to resort to insecure means or where there are speed constraints on using browsers This method, over the years has proven less than successful (about time) as mail servers get locked down by their system administrators such open relays are closed down and alternate methods of authentication are being used to prevent random users from abusing the SMTP services