How the Clinton campaign fooled the FBI

In 2016, Hillary Clinton tweeted that "computer scientists have apparently uncovered a covert server linking the Trump Organization to a Russian-based bank."

Michael Sussmann was tried and acquitted for lying to the FBI when he provided evidence of this communication while claiming he was not associated with the Clinton campaign.  The computer scientists associated with the Clinton campaign did not uncover the communication between the Trump Organization and the Alfa Bank; they created it. 

Here is how it can be done:

Assume I am working for an I.T. department that manages its own DNS (Domain Name System) and mail servers (running Linux).  If not, I can lease a server with a block of I.P. addresses and configure it with two DNS servers and a mail server.  Now I remotely log in to the mail server (or the leased server) and issue the following command (since these are real addresses, we're using asterisks):

echo "Test from" | mail -s "The Trump Organization" -a "From: DonJr@tr***.org" "contact@alphabank.**"

This will send a message from DonJr@tr***.org to contact@alphabank.** with the subject "The Trump Organization" and message "Test from tr**.org".  You can also find actual contact addresses on the Alfa Bank website.

When the command is issued, among other things, the Alfa Bank mail server will contact one of its DNS servers, which will contact my DNS server, to check if the hostname of my mail server matches the mail server's IP address.  This will leave a nice thumbprint of the Alfa Bank DNS server in my DNS logs.

More importantly, the Alfa Bank DNS server will contact the DNS server to query if my mail server is authorized to send mail for the domain.  (Which, of course, it is not.)  This is bona fide "covert" communication between the Russian bank and the Trump Organization server, and will leave a nice entry in the DNS logs.  Since my mail server is not authorized to send mail for, the Alfa Bank server will close the connection and not accept the message.  Nobody except me will know this ever happened.
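As an added example (not part of the original article), the following shows how the lookups described above appear in an authoritative server's query log: a reverse-DNS (PTR) lookup and an SPF (TXT) lookup arriving from the same resolver within seconds, which is the pattern a receiving mail server's validation of any inbound message produces. The BIND-style log format, the host names and the documentation-range addresses are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed BIND-style query log lines (documentation addresses, example names).
SAMPLE_LOG = """\
04-May-2016 10:00:01.120 client 203.0.113.53#41022 (10.2.0.192.in-addr.arpa): query: 10.2.0.192.in-addr.arpa IN PTR -E(0)D (192.0.2.1)
04-May-2016 10:00:01.480 client 203.0.113.53#41023 (mail.sender.example): query: mail.sender.example IN A -E(0)D (192.0.2.1)
04-May-2016 10:00:02.010 client 203.0.113.53#41030 (sender.example): query: sender.example IN TXT -E(0)D (192.0.2.1)
04-May-2016 11:30:00.000 client 198.51.100.7#50000 (www.sender.example): query: www.sender.example IN A -E(0)D (192.0.2.1)
"""

# timestamp, resolver address, query name, query type
LINE = re.compile(r"^(\S+ \S+) client (\S+?)#\d+ \(\S+\): query: (\S+) IN (\S+)")

def parse(log):
    """Yield (timestamp, resolver_ip, qname, qtype) for each query line."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%d-%b-%Y %H:%M:%S.%f")
            yield ts, m.group(2), m.group(3).lower(), m.group(4)

def mail_validation_bursts(log, window=timedelta(seconds=10)):
    """Return resolvers that issued both a PTR and a TXT query inside `window`.

    That pair is what a receiving mail server generates when it checks a
    sender's reverse DNS and SPF policy, so such entries show that a message
    was validated, not that the two organizations exchanged traffic."""
    by_resolver = defaultdict(list)
    for ts, ip, qname, qtype in parse(log):
        by_resolver[ip].append((ts, qtype, qname))
    hits = {}
    for ip, events in by_resolver.items():
        events.sort()
        for i, (start, _, _) in enumerate(events):
            burst = [e for e in events[i:] if e[0] - start <= window]
            if {"PTR", "TXT"} <= {qtype for _, qtype, _ in burst}:
                hits[ip] = [(qtype, qname) for _, qtype, qname in burst]
                break
    return hits

if __name__ == "__main__":
    for resolver, queries in mail_validation_bursts(SAMPLE_LOG).items():
        print(resolver, queries)
```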

Now I can set up a cron job on my Linux mail server to send these messages automatically at any day or time.  I can also edit my DNS logs using the Alfa Bank's thumbprint, and show it to the FBI claiming it was taken from the Trump Organization server.  Apparently, the CIA reviewed the logs and determined that they were more likely user-generated than machine-generated.  A nothingburger.
