I am creating an email spammer, for an outstanding cause

Question

In Cuba, web access is extremely censored, so I created a tool that allows more than 50,000 people to browse the Internet through email. Cubans send me an email with an URL in the subject line, and I email them back with the response. Read more at https://apretaste.com.

It was working like a charm, till the communist government of Cuba started blocking my emails. My solution was rotation.

I started with Amazon SES, and I was changing the domain each time it was blocked, but Amazon adds a header to all emails, and once they blocked the header no email from SES was able to reach Cuba any more. The same happened with Mailgun and others, they all add headers.

Currently I am creating Gmail accounts and sending via SMTP, but Google blocks me for no reason and only allows to send 100 emails a day per account. Also I can only create few emails using the same IP address/phone, so I was forced to use anonymous proxies and fake Chinese phones. Now I am fighting a war on two fronts.

An email can be blocked by three parameters: IP address, domain, and email address.

It will be terrific if I can set up my own Postfix server at a VPS that auto-rotates the IP address. Even better if I can simulate "gmail.com", to avoid purchasing a new domain every day.

All the intents to create what I call "the ultimate sender" just either reach the spam folder or add unwanted headers making it too easy to block. I feel exhausted. I hit a knowledge barrier here.

I know I am crossing to the dark side, but this is for a very good cause. Thousands count on this service as their only source of unbiased news, social network and to feel part of the 21st century.

Can you please help me implementing "the ultimate sender", or pointing to another solution that I may be missing?

Answer 1

I have a few suggestions for you.

The first one relies on The Onion Router also known as Tor.

Since you are crossing to the dark side, why not also take a look into the darknet?

Take a look at this list of Tor email providers. If you have your own email server that can be accessed through Tor, it becomes much harder for anybody to stop people from using this service. After all, Tor was developed to offer people uncensored access to the web.

You can read about Tor in detail here, it uses Onion Routing and this is how you would set up your server to use Tor.

Here is an example how you could use it:

The steps that involve the setup, receiving an URL request and sending back the reply are as follows:

1. Set up an email server.
2. Configure your email server to use Tor.
3. Publish the public service name. (e.g. "duskgytldkxiuqc6.onion")
4. Deploy a client that takes the service name and a URL, and let it send an email with a request to your server.
5. The client now waits for a reply.
6. You send a reply and the client receives it.

You can change your service name on a regular basis, but you need to make it accessible to those who will use this service.

Having an own email server means being able to control the email header.

Here is one example how you could make use of it:

1. Configure your email server so that it receives and recognizes emails which contain the requested URLs.
2. Before you send a reply modify the email header so that it shows a random IP address and a random sender email address including a random domain name.
3. Send your reply.

Sending an email that way means that you cannot be replied back to. But since your reply already contains the requested information there is no need to.

I hope this helps.

Answer 2

Crowd source it. Find a way that volunteers can send some emails for you. This is the only long term approach that I can think of. A simple web interface with mail to links would be be enough to get started although there are other potential problems with this approach too.

Because you are talking about low numbers of users, you could also use crowdsourcing to create the single email address per person approach. They can create an account on a specific set of email providers and give you the credentials. This would allow the single email per user approach or could be used to rotate through a large set of email accounts to send emails.

Answer 3

The simplest solution is perhaps to set up a local SMTP server on your own computer. You don't even need a server per se.

https://sourceforge.net/projects/winsmtpserver/

There are many other such applications. They are usually used to test SMTP functions during local development, but there is nothing against actually sending spam through them.

Answer 4

I know this would be quite a large task, but how about pairing the users with one or just a few emails so they always receive an email from that email.

1. I'd assume people wouldn't have more than 100 queries per day, if so they could start receiving them from a backup email

2. I'd imagine it would look less suspicious for them to appear to be in constant contact with one unique email rather than 50,000 being in contact with one

I know this would be a huge undertaking, but I feel like it solves your issue.

Answer 5

Since the users are willing to receive emails form you then your shouldn't be blocked.

When you mentioned you are getting block does it mean your mail is going in spam or is getting lost in between sending and receiving or it is getting bounced back??

My suggestion would be to setup your own mail server and follow as below:

-Get approx 25 or more ip to rotate. (IP is the most imp part which is tracked and is accountable for the reputation of your mail server)

• Don't start sending emails in bulk from the word go it is better to gradullay increase the email volume so that mail server reputation nicely built

• keep changing the format of the email often

• encourage user to add yourself to there contact list

• your best part is user are willing to receive emails from you and you would reply to revived email is the USP of yours but still i will recommend you to register for FBL so that you would know which user is reporting you as spam and you can remove him from your list and never send him email again.

• using best practice to send emails like dkim, SPF, dmarc are also vital.

Hope my answer was of some help to you. If you need step by step guide to step up mail server let me know.

Answer 6

My friend, do you remember what made Hillary Clinton lose the last elections to Trump?

It was the "mail" affair. And what was it? People discovered she shared confidential information through a non-official, non-governmental email account (i.e., she used some Gmail, Yahoo or another of a kind). Until here, nothing new with direct relation to your matters. But there is an small particularity on this history, and this can put, maybe not a solution, but maybe a light on a new path you could follow: Clinton actually never sent those emails; the email account she used had the password shared and the communication between people (Clinton-someone) occurred only using the drafts of the account.

How? One side logs in and accesses the drafts folder. There he/she reads the last message and edits it, cutting and writing new data - then save the draft message. On the next turn, the other side of the communication line logs in and do the same. And so forth, so never really sending those messages, but instead just updating the drafts (this "Hillary" method does schooled people... Dilma Rousseff, impeached ex-president of Brazil, actually did this method down there in Brazil too).

So, maybe if you could establish a pact with your user that he/she doesn't delete the account's password, you could pass those information by this method - without "really" exchanging emails. Maybe a "parent" email account (some that could reset a lost password) could be useful too.

Alternative: aren't you able to contract a regular HTTP webserver? You could rely on FTP to publish data to your user, he/she asks for it and you publish a page with that content.

Salvi, have you tried something with Telnet? OK, we are talking here about a text-only environment, but if nothing more would rest in the future, this could be better than nothing. Maybe you could implement a podcast-like, or push-like service based on it. Look what people do with it with references to your walk on the dark side...

1. If in Windows, open your command prompt.
2. Type telnet and press Enter.
3. Type "o" without quotes and press Enter.
4. Type "towel.blinkenlights.nl" without the quotes and press Enter.