This article was posted to the Usenet group alt.hackers in
1995; any technical information is probably outdated.
AOL's mailsystem, lies and videotape
Article: 8414 of alt.hackers From: dedeo@mit.edu (Simon Joseph Dedeo) Newsgroups: alt.hackers Subject: AOL's mailsystem, lies and videotape Date: 8 Aug 1995 16:59:03 GMT Organization: Massachvsetts Institvte of Technology Lines: 68 Approved: senator-exon@first-amendment.com Message-ID: 40854n$evj@senator-bedfellow.MIT.EDU NNTP-Posting-Host: m11-113-2.mit.edu X-Newsreader: TIN [version 1.2 PL2] Status: RO
[Part I: AOL's mailsystem.] :) Before I begin this post, I'll thank all the generous and knowledgable people who replied in e-mail or on alt.hackers to my previous post. If anybody's interested, I can summarize the e-mail I received. OK, so I figured out how all this nslookup stuff works, and I think I have a good enough handle on how nameservers maintain up-to-date information on machine addresses and so on. So, using the authoratative Nameserver "NS.ANS.NET", I locate an address that would accept connections to port 25. (mail05.mail.aol.com). This guy was running HP Sendmail 16.2. So I say hi with "EHLO" (doesn't compain that I didn't give it an address), and then try to "vrfy" a friend's address on the system --> EXPN joe@aol.com 250 <joe@emin06.mail.aol.com> OK, sure. Not as much information as I would have hoped for... but still, it's working fine. So then I try EXPN nauinefnwfnnc@aol.com 250 <nauinefnwfnnc@emin06.mail.aol.com> It will "vrfy" any string of characters, regardless of if it's an actual user name on the AOL system. (of course, there just might be someone walking around with the name "nauinefnwfnnc", but I doubt it. :) ) So does AOL have its own message routing system behind sendmail that filters out invalid usernames and generates a simulated Error Message? Does anybody have any suggestions as to the next step in figuring out how AOL mail delivery works? -------------------------------------------- >From a previous post: "Also, note that AOL does NOT like this information getting out, as it it's proprietary or something." If all I'm doing is manually tracing out the route mail takes from my system to theirs, is that a problem? Can I get arrested for "impersonating a daemon" if I telnet into 25 and simulate the mail delivery? Sure, something adolescent like sending fakemaill from their SMTP port is questionable (appropiation of resources? stealing electricity?), but if they don't have a problem with my legit mail bouncing around their system automatically... -------------------------------------------- Argh! Need an ObHack. (This project is getting more and more expensive...) Getting out of building a musical instrument for a "Conceptual Physics" Class (a.k.a. "Touchy-feely Physics for people confused by addition") in ninth grade with the following project... Transferring data between two Apple IIe's (gotta love 'em) with the PDL out ports. Very slow transfer rates (a few baud), but it worked nonetheless, and I ended up inventing alot of the algorithms that I'm now reading about in the TCP/IP RFC's (headers, checksums, ACKs, etc.,etc.) The whole thing was in BASIC (aiie!), but I'm seriously considering going back to hack up a machine code version. (Phew. Big post) -Simon D.