Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #54542 > unrolled thread

How to send an anonymous mail via Python script

Back to article view | Back to comp.lang.python

Contents

  How to send an anonymous mail via Python script Νίκος <nikos.gr33k@gmail.com> - 2013-09-21 12:58 +0300
    Re: How to send an anonymous mail via Python script Chris Angelico <rosuav@gmail.com> - 2013-09-21 20:04 +1000
      Re: How to send an anonymous mail via Python script Νίκος <nikos.gr33k@gmail.com> - 2013-09-21 13:15 +0300
        Re: How to send an anonymous mail via Python script Chris Angelico <rosuav@gmail.com> - 2013-09-21 20:41 +1000
          Re: How to send an anonymous mail via Python script Alister <alister.ware@ntlworld.com> - 2013-09-24 11:36 +0000
            Re: How to send an anonymous mail via Python script Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-09-24 12:29 +0000
              Re: How to send an anonymous mail via Python script Chris Angelico <rosuav@gmail.com> - 2013-09-24 22:42 +1000
              Re: How to send an anonymous mail via Python script Alister <alister.ware@ntlworld.com> - 2013-09-24 14:55 +0000
        Re: How to send an anonymous mail via Python script Joel Goldstick <joel.goldstick@gmail.com> - 2013-09-21 12:09 -0400

#54542 — How to send an anonymous mail via Python script

I'll have to ask this atgain because i got no proper reply:
Here is the code i wrote to try tos end anonymous mail:

# 
=================================================================================================================
# if html form is submitted then send user mail
# 
=================================================================================================================
def random_char( y, chars=string.ascii_uppercase + string.digits ):
	return ''.join( random.choice(chars) for x in range(y) )


for times in range(0, 5):
	try:
		# prepare mail data
		FROM = random_char(8) + '@' + 'mail' + '.org'
		TO = "nikos.gr33k@gmail.com"
			
		SUBJECT = random_char( 50 )
		MESSAGE = random_char( 500 )
		
		os.system( "echo %s | mailx -v -r %s -s %s %s" % (MESSAGE, FROM, 
SUBJECT, TO) )

		print( "<h2><font color=blue>%sη αποστολή προς %s 
επετεύχθη!</font></h2>" % (times, TO) )
	except Exception as e:
		print( "sendmail => ", date, repr( sys.exc_info() ) )
else:
	print( '''<h2><font color=red>Δεν επιτρέπεται η χρήση του script από μη 
εξουσιοδοτημένα πρόσωπα!''' )

sys.exit(0)
=========================================================================================================================

Can you please tell me what alternation must be made in order to send 
this anonymously?

that is my question. There must be a way.

1. either by python and its smtplib module
2. by configuring the local MTA
3. by using a remailer

Please provide a solution with code if possible.
I will only answer to serious replies.

[toc] | [next] | [standalone]

#54544

On Sat, Sep 21, 2013 at 7:58 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> Can you please tell me what alternation must be made in order to send this
> anonymously?
>
> that is my question. There must be a way.

No, there isn't. The nearest you could come to anonymous mail would be
sending via a botnet (to hide your IP address) and forging the from
address. So unless you *want* your mail to be flagged as spam and
detested by the entire world, NO THERE IS NO WAY to send it
anonymously.

ChrisA

[toc] | [prev] | [next] | [standalone]

#54545

On 21/9/2013 1:04 μμ, Chris Angelico wrote:
> On Sat, Sep 21, 2013 at 7:58 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>> Can you please tell me what alternation must be made in order to send this
>> anonymously?
>>
>> that is my question. There must be a way.
>
> No, there isn't. The nearest you could come to anonymous mail would be
> sending via a botnet (to hide your IP address) and forging the from
> address. So unless you *want* your mail to be flagged as spam and
> detested by the entire world, NO THERE IS NO WAY to send it
> anonymously.
>
> ChrisA
>
How about an anonymous remailer then?

[toc] | [prev] | [next] | [standalone]

#54547

On Sat, Sep 21, 2013 at 8:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> On 21/9/2013 1:04 μμ, Chris Angelico wrote:
>>
>> On Sat, Sep 21, 2013 at 7:58 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>>
>>> Can you please tell me what alternation must be made in order to send
>>> this
>>> anonymously?
>>>
>>> that is my question. There must be a way.
>>
>>
>> No, there isn't. The nearest you could come to anonymous mail would be
>> sending via a botnet (to hide your IP address) and forging the from
>> address. So unless you *want* your mail to be flagged as spam and
>> detested by the entire world, NO THERE IS NO WAY to send it
>> anonymously.
>>
>> ChrisA
>>
> How about an anonymous remailer then?

I'm going to spell this out for the benefit of anyone else who's
reading this, because I know Nikos won't take any notice. This is a
gross oversimplification, but I'm trying to condense everything into a
single email.

The internet can't be built on certainties, so it's built on trust.
Especially with the detection of spam, it's mainly a matter of trust -
trusting the sending computer, trusting the sending domain, and
trusting that the email in question really was sent by that domain.
Most anti-spam measures are aimed at one of those - for instance, SPF
is all about demonstrating that the sending computer belongs to the
sending domain, and DKIM is about matching the contents of the email
to its domain. The receiving MTA has to decide: Do I trust this sender
enough to accept this email, or will I reject it? As an example, my
own mail server checks a lot of things, including:
* How well the sender complies with the SMTP specification (if you
can't get protocol right, I don't want to talk to you; if you
deliberately violate protocol to try to conceal yourself, I definitely
don't want to talk to you)
* Whether the hostname and IP address match
* Whether the reverse DNS for the IP address has four numbers in it (a
common indication of home senders -
c122-107-147-136.eburwd5.vic.optusnet.com.au looks like a home user);
this doesn't prevent mail delivery, but it's marked down
* The SPF record for the sending domain, if it has one
* Certain source or destination addresses that have been blacklisted
* Bayesian similarity to emails previously marked as spam
* A few other details that I won't discuss in public, so you can't
game the system and send me a pile of spam :)

Some of these checks are "below the waterline" requirements - for
instance, if you don't say HELO or EHLO at the beginning of your SMTP
request, I'm not going to accept any mail from you. Others are "above
the waterline" - I'll still take the mail, but it's more likely to go
in the junk folder, because I don't trust you that much.

Violating the internet's standards will often mean your mail gets
rejected. There's a reason for that; trying to hide is usually a bad
idea. Be honest; establish a domain and a (small) set of IP addresses
that send its mail, and you can build up a record of trust ("Every
message I've ever seen from foo.example.com (IP address 203.0.113.54
as per its SPF record) has been accepted by my users as legitimate, so
I'm going to assume that this one, from the same domain and IP, is
legit"). It's not even all that hard to do - just deploy one of the
well-known mail servers like exim or Postfix, set up an SPF record
(not actually necessary, but it's so easy and can help so much that I
think everyone should do it), and let the rest take care of itself.

ChrisA

[toc] | [prev] | [next] | [standalone]

#54690

On Sat, 21 Sep 2013 20:41:25 +1000, Chris Angelico wrote:

> On Sat, Sep 21, 2013 at 8:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>> On 21/9/2013 1:04 μμ, Chris Angelico wrote:
>>>
>>> On Sat, Sep 21, 2013 at 7:58 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>>>
>>>> Can you please tell me what alternation must be made in order to send
>>>> this anonymously?
>>>>
>>>> that is my question. There must be a way.
>>>
>>>
>>> No, there isn't. The nearest you could come to anonymous mail would be
>>> sending via a botnet (to hide your IP address) and forging the from
>>> address. So unless you *want* your mail to be flagged as spam and
>>> detested by the entire world, NO THERE IS NO WAY to send it
>>> anonymously.
>>>
>>> ChrisA
>>>
>> How about an anonymous remailer then?
> 
> I'm going to spell this out for the benefit of anyone else who's reading
> this, because I know Nikos won't take any notice. This is a gross
> oversimplification, but I'm trying to condense everything into a single
> email.
> 
<snip>

To put it even more simply
If you have a legitimate reason to send me emails then you have no 
legitimate reason to withhold your true Identity.

if you do I will assume you are a crook.

if you are asking for advise on how to achieve this I will assume you 
want to be a crook and will not provide any assistance.

-- 
No man would listen to you talk if he didn't know it was his turn next.
		-- E.W. Howe

[toc] | [prev] | [next] | [standalone]

#54693

On Tue, 24 Sep 2013 11:36:16 +0000, Alister wrote:

> To put it even more simply
> If you have a legitimate reason to send me emails then you have no
> legitimate reason to withhold your true Identity.

"Dear Alister,

Forgive this anonymous email, but I don't wish to get fired from my job 
and sued for breaking the confidentiality agreement I signed, but 
somebody needs to speak out about this matter. You need to know that the 
company I work for, Acme Ltd, is illegally dumping radioactive waste in 
the street where you live in the form of extremely fine powder which 
blows all over the street, into your home and garden. Attached is the 
evidence for this, proving that knowledge of this dumping goes all the 
way to the company board. I suggest you talk to your lawyer before your 
children develop mutant superpowers, or possibly cancer, whichever 
happens first."


Whistleblower laws are useless. Sometimes people need to remain 
anonymous. Even when whistleblower laws have teeth, sometimes it's just 
better to keep your identity unknown.

However, in the specific case of Nikos, I cannot imagine any legitimate 
reason for him to be sending anonymous emails to his website users. I've 
asked him to explain, but he hasn't. I can only conclude that he is 
intending to send spam, or otherwise act unethically or even criminally. 
Even if I knew how to write an anonymous mail server, I wouldn't help him.



-- 
Steven

[toc] | [prev] | [next] | [standalone]

#54694

On Tue, Sep 24, 2013 at 10:29 PM, Steven D'Aprano
<steve+comp.lang.python@pearwood.info> wrote:
> On Tue, 24 Sep 2013 11:36:16 +0000, Alister wrote:
>
>> To put it even more simply
>> If you have a legitimate reason to send me emails then you have no
>> legitimate reason to withhold your true Identity.
>
> "Dear Alister,
>
> Forgive this anonymous email, but I don't wish to get fired from my job
> and sued for breaking the confidentiality agreement I signed, but
> somebody needs to speak out about this matter.

There are definitely the odd times when a person needs anonymity. I do
not know of any times when an email-sending *computer* does. To send
your whistleblower email, I would recommend an HTTPS connection to
some free webmail service, or some sort of bouncer, or something - but
that bouncer can identify itself honestly to the receiver.

Same goes for other situations. I received your email, not from
pearwood.info, but from python.org - courtesy of Mailman. It's not
being sneaky about it, but the 'from' header is quite different from
the mail's actual origin. What I want to know here, primarily, is the
identity of the server who's giving me the message - ie python.org -
and MTAs will be adding tracking headers that identify that server.

(The concepts here are somewhat clouded by the c.l.py gateway, but
pick any other mailing list as your example and it'll be correct.)

ChrisA

[toc] | [prev] | [next] | [standalone]

#54703

On Tue, 24 Sep 2013 12:29:14 +0000, Steven D'Aprano wrote:

> On Tue, 24 Sep 2013 11:36:16 +0000, Alister wrote:
> 
>> To put it even more simply If you have a legitimate reason to send me
>> emails then you have no legitimate reason to withhold your true
>> Identity.
> 
> "Dear Alister,
<snip> 
> 
> Whistleblower laws are useless. Sometimes people need to remain
> anonymous. Even when whistleblower laws have teeth, sometimes it's just
> better to keep your identity unknown.


That would be acceptable as an email to me as a company/gvt. officer.
emails to me as an individual have no justification in remaining anonymous
> 
> However, in the specific case of Nikos, I cannot imagine any legitimate
> reason for him to be sending anonymous emails to his website users. I've
> asked him to explain, but he hasn't. I can only conclude that he is
> intending to send spam, or otherwise act unethically or even criminally.
> Even if I knew how to write an anonymous mail server, I wouldn't help
> him.

indeed, I have given Nikos the benefit of the doubt & even tried to help 
him once when the question seemed within my limited abilities but without 
further information on the purpose I will not be helping with this one.#




-- 
unfair competition, n.:
	Selling cheaper than we do.

[toc] | [prev] | [next] | [standalone]

#54558

[Multipart message — attachments visible in raw view] — view raw

On Sat, Sep 21, 2013 at 6:41 AM, Chris Angelico <rosuav@gmail.com> wrote:

> On Sat, Sep 21, 2013 at 8:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> > On 21/9/2013 1:04 μμ, Chris Angelico wrote:
> >>
> >> On Sat, Sep 21, 2013 at 7:58 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> >>>
> >>> Can you please tell me what alternation must be made in order to send
> >>> this
> >>> anonymously?
> >>>
> >>> that is my question. There must be a way.
>

Nikos, stop!  There very well may be a way to send spam.  But you need to
understand internet infrastructure, and be more clever than the many people
who do understand the internet infrastructure and don't want to read spam.
You can't do this because, as you have professed in other endless trolling
threads,  you don't like to read or study, you like people to give you
answers.  To me, that is the definition of laziness.  The second reason you
can't do this may be that you just don't want to do any of the things you
ask here.  Evidence of this would be that you repeat the same questions
over and over, ignore the answers, quote other's as supporting your
ruefully annoying wining, and then start a new thread just like the old
thread with one of your many email aliases.  That is the definition of a
troll.

This list is very informative when you disappear for a while.  If your
purpose is to single handedly degrade the experience of dozens of people
with interesting questions, and volunteers who guide and teach others, well
nice job.  If by chance you are just an unfortunate soul with such large
gaps in your self understanding of how rude your behavior here is, you
should know that you are rude. So, stop it




> >>
> >>
> >> No, there isn't. The nearest you could come to anonymous mail would be
> >> sending via a botnet (to hide your IP address) and forging the from
> >> address. So unless you *want* your mail to be flagged as spam and
> >> detested by the entire world, NO THERE IS NO WAY to send it
> >> anonymously.
> >>
> >> ChrisA
> >>
> > How about an anonymous remailer then?
>
> I'm going to spell this out for the benefit of anyone else who's
> reading this, because I know Nikos won't take any notice. This is a
> gross oversimplification, but I'm trying to condense everything into a
> single email.
>
> The internet can't be built on certainties, so it's built on trust.
> Especially with the detection of spam, it's mainly a matter of trust -
> trusting the sending computer, trusting the sending domain, and
> trusting that the email in question really was sent by that domain.
> Most anti-spam measures are aimed at one of those - for instance, SPF
> is all about demonstrating that the sending computer belongs to the
> sending domain, and DKIM is about matching the contents of the email
> to its domain. The receiving MTA has to decide: Do I trust this sender
> enough to accept this email, or will I reject it? As an example, my
> own mail server checks a lot of things, including:
> * How well the sender complies with the SMTP specification (if you
> can't get protocol right, I don't want to talk to you; if you
> deliberately violate protocol to try to conceal yourself, I definitely
> don't want to talk to you)
> * Whether the hostname and IP address match
> * Whether the reverse DNS for the IP address has four numbers in it (a
> common indication of home senders -
> c122-107-147-136.eburwd5.vic.optusnet.com.au looks like a home user);
> this doesn't prevent mail delivery, but it's marked down
> * The SPF record for the sending domain, if it has one
> * Certain source or destination addresses that have been blacklisted
> * Bayesian similarity to emails previously marked as spam
> * A few other details that I won't discuss in public, so you can't
> game the system and send me a pile of spam :)
>
> Some of these checks are "below the waterline" requirements - for
> instance, if you don't say HELO or EHLO at the beginning of your SMTP
> request, I'm not going to accept any mail from you. Others are "above
> the waterline" - I'll still take the mail, but it's more likely to go
> in the junk folder, because I don't trust you that much.
>
> Violating the internet's standards will often mean your mail gets
> rejected. There's a reason for that; trying to hide is usually a bad
> idea. Be honest; establish a domain and a (small) set of IP addresses
> that send its mail, and you can build up a record of trust ("Every
> message I've ever seen from foo.example.com (IP address 203.0.113.54
> as per its SPF record) has been accepted by my users as legitimate, so
> I'm going to assume that this one, from the same domain and IP, is
> legit"). It's not even all that hard to do - just deploy one of the
> well-known mail servers like exim or Postfix, set up an SPF record
> (not actually necessary, but it's so easy and can help so much that I
> think everyone should do it), and let the rest take care of itself.
>
> ChrisA
> --
> https://mail.python.org/mailman/listinfo/python-list
>



-- 
Joel Goldstick
http://joelgoldstick.com

[toc] | [prev] | [standalone]

Back to top | Article view | comp.lang.python

csiph-web