We help IT Professionals succeed at work.

Outlook relaying

pma111 asked
Last Modified: 2010-04-08
How can I test whether my exchange server allows me to spoof who I am sending from. I.e. if my actuall acct is aaa@mydomain.com, I want to test whether I can spoof this to appear to be sent as bbb@mydomain.com. I have read on here it's possibly acheivable within your LAN, obvs not outside the LAN. How can I test this, I found this Q&A a while back but it doesnt describe how to test it

Watch Question

IP address of your SMTP server is replaced below with x.x.x.x

From a command prompt:-

TELNET x.x.x.x 25
helo mydomain.com
mail from: bbb@mydomain.com
rcpt to: aaa@mydomain.com
Subject: Hello, this is a test e-mail (Subject)

Hello, this is a test e-mail (body)

Note the dot on the line by itself before the quit command - the dot has to be by itself on it's own line.  This tells the SMTP server that this is the end of the message.

Also, note the Blank line after the subject, the balnk line is required to separate the e-mail headers from the e-mail body.

Response codes are generally; 400 series means good/positive response, 500 series are bad/negative response - read the text that goes along with the message code.

Also, note that you may need to turn on local echo and 'newline with carriage return' with older Windows OS TELNET programs.


Could not open connection to the host, on port 25

Does that mean we are secured from this sort of activity?

Are you using the internal (private) IP address of the SMTP mail server?


How can I get the internal IP of the SMTP Server.

I was using http://centralops.net/co/DomainDossier.aspx

I was using mail.xxx.mydomain.uk

That won't give you your internal IP address.  You need internal knowledge of your system.

If it's a small setup, then the SMTP server is probably the same server as your Exchange server.  So, you could try your Exchange server IP address.

In Outlook (This is how my Outlook 2003 goes) from the main Outlook window, Tools, E-mail Accounts..., View/Change existing e-mail accounts, Click on Microsoft Echange Server, click on Change..., the exchange server name should be highlighted - press Ctrl-C to get it into the clipboard.  you can use this full name in the telnet session, or ping the name to find its IP address - then use that.


Got the IP of the exchange server, and still get the exact same message.
Unlock this solution and get a sample of our free trial.
(No credit card required)


Yes the default for all email is SMTP, I will see if I can get assurances from the sys admin

You can always try SMTP from outside the network, e.g. home DSL, connecting to the public address.  Use the tool you mentioned above (http://centralops.net/co/DomainDossier.aspx) to get the DNS Records, try the telnet test on every single one of the MX records.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.