Slashdot Mirror


How Do You Fool Spam Bots?

ThisIsAnExampleAccou asks: "I am currently researching Spam Bots, and the various methods by which they collect addresses. While doing my research, I have started to notice the various ways that people post their email addresses to fool spam filters (i.e. bob@hottroutmail.com - go fishing to mail me). What clever ways have you seen/done to fool spambots while still letting people know how to get in contact with you?"

13 of 87 comments

  1. Re:I don't. by Alan Shutko · · Score: 4, Insightful

    I post my address unobfuscated, you insensitive clod!

    Ditto. Google my address and you'll find it in mailing lists, Usenet, web pages. It's everywhere. It's also about 4 years old, I think.

    I don't believe in making people jump through hoops to get in touch with me. And as you've noted, you have to make your email address increasingly more obfuscated to keep it off of lists. And if one of your friends or family gets a virus or sends you an e-card, your address is "contaminated" and you'll get junk.

    Instead, I run bogofilter and deal with it. I don't have to constantly send out new addresses to people. If a friend from elementary school wants to look me up, he can find me. (And yes, that's happened.) And people can actually hit "reply" on messages I post. Wow.

  2. Hi! by Teancom · · Score: 2, Funny

    I'm frustrated because my spambot hasn't been picking up nearly as many email addresses recently, as compared to what it used to. Some people out there are really clever! :-( Could you please detail to me exactly how you try and keep me from harvesting your address? Oh, and putting into a testcase form would just be the icing on the cake!

    Sincerely,

    Your Friendly Neighborhood Spammer

  3. I have a million addresses.... by crstophr · · Score: 4, Interesting

    You just need your own domain... where you can receive email for any address at that domain.

    Every time I give out an email address to someone new I give them a unique email address. Every time I put my email into a web form for some company they get it in the following format:

    companyname@mydomain.com

    friends can get silly things like:
    spankie@mydomain.com or whatever.....

    other examples:
    planetside@myname.com
    jobs@myname.com
    bioinformatics@myname.com

    Then, if I begin receiving spam on one of the addresses I know exactly who it is coming from or who at least is responsible for giving out my email address. I can also go in and specifically turn off the offending email address, or better yet have each mail received fire off a "custom" error message or some script I have set up.

    I've been using this method for a year and believe it or not I don't receive more than 1 spam mail a week and never receive it more than once on any given address. What is wonderful is that I have no fear or worry about giving out email addresses any more.

    --Chris

    1. Re:I have a million addresses.... by skinfitz · · Score: 3, Interesting

      This is a technique I described at DNSCON last year.

      I go one further though - once you start to get spam to an address that you registered with a specific company (say ticketmaster@mydomain.com for example) then reroute all mail to that address to the relevant abuse reporting addresses.

      The result? By spamming you they automatically report themselves while you never see the spam.

  4. Add both From: and Sender: headers by Tor · · Score: 2, Informative

    You could add both a "From: " and a "Sender: " header to your usenet/mailing list postings:
    From: you@yourdomain
    Sender: blockme@yourdomain

    You'll get tons of spam to both addresses (not necessarily the same spam, unfortunately - that would make filtering real easy). You run SpamAssassin (or similar) to filter mail to your real address, and you run "spamassassin -r" or "razor-report" to handle mails sent to your spamtrap address (making the Razor service, and in turn, SpamAssassin, more efficient at identifying these spams).

    Better yet, if your MTA is Exim, use SA-Exim to add teergrubing functionality to SpamAssassin. Oh, the satisfaction! :-)

  5. My solution... by cmowire · · Score: 3, Informative

    I encode the IP address of whoever's requesting the email address and the current date and time. So each request gets a unique email address.

    The file is forbidden by the robots.txt file. I don't think that it surprises anybody that it still has gotten spambotted. ;)
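
One way to build the per-request address described in the comment above, as an added example that is not part of the original post or the commenter's code: the requester's IPv4 address and the request time are packed into the local part, with a truncated HMAC so a forged or mangled address cannot frame another requester. The `c-` prefix, token layout, key, `example.org` domain and function names are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import ipaddress
import struct
from datetime import datetime, timezone

SECRET = b"constructed-demo-key"   # assumption: secret known only to the web/mail server
DOMAIN = "example.org"             # placeholder for a domain that accepts any local part

def make_address(ip: str, when: datetime) -> str:
    """Return a unique address that encodes who requested it and when (IPv4 only)."""
    payload = ipaddress.IPv4Address(ip).packed + struct.pack(">I", int(when.timestamp()))
    tag = hmac.new(SECRET, payload, hashlib.sha256).digest()[:7]
    # 4 + 4 + 7 = 15 bytes, which base32-encodes to exactly 24 characters, no padding
    token = base64.b32encode(payload + tag).decode("ascii").lower()
    return f"c-{token}@{DOMAIN}"

def trace_address(address: str):
    """Recover (ip, request time) from a recipient address, or None if it is not ours."""
    local, _, domain = address.lower().partition("@")
    if domain != DOMAIN or not local.startswith("c-"):
        return None
    try:
        raw = base64.b32decode(local[2:].upper())
    except ValueError:             # covers binascii.Error and non-ASCII input
        return None
    if len(raw) != 15:
        return None
    payload, tag = raw[:8], raw[8:]
    expected = hmac.new(SECRET, payload, hashlib.sha256).digest()[:7]
    if not hmac.compare_digest(tag, expected):
        return None                # altered or guessed token: attribute nothing
    ip = str(ipaddress.IPv4Address(payload[:4]))
    (ts,) = struct.unpack(">I", payload[4:])
    return ip, datetime.fromtimestamp(ts, tz=timezone.utc)

if __name__ == "__main__":
    # Constructed sample request: documentation-range IP and an arbitrary time
    issued = make_address("203.0.113.7", datetime(2003, 8, 1, 12, 0, tzinfo=timezone.utc))
    print(issued)
    print(trace_address(issued))   # what the mail side learns when spam arrives here
```

When mail later arrives at one of these addresses, `trace_address` on the envelope recipient yields the page request that harvested it, which can be matched against the web server's access log.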

  6. GIF by Detritus · · Score: 3, Insightful

    I recently tried to email the maintainer of a web page and quickly discovered that the listed email address wasn't text, it was rasterized text in a GIF file. Unless the bot can do OCR, it can't read it. The only problem is that this trick is hostile to the blind.

    --
    Mea navis aericumbens anguillis abundat

  7. Good ol' jpeg by Unsolicited Commando · · Score: 2, Interesting

    I use a good ol' jpeg file. Has never ever let me down. Not even once. Also, I've got a spider trap on my website.

    --

    Get revenge: Unsolicited Commando

  8. Shoulders of Giants... by GeorgeH · · Score: 2, Informative

    There's been some research on what methods work best. The CDT put out a paper in March detailing their experiment and its results. It was also covered on Slashdot.

    --
    Why can't I moderate something "Wrong" or at least "Grossly Misinformed"?

  9. Block spammers via DNS by Anonymous Coward · · Score: 4, Interesting

    If you have your own domain you can do this:

    I set up 1000 mx records like mail0001.mydomain.com, mail0002... etc. Then I set up my mail program with myaddress@mail0001.mydomain.com. Every time I sent mail to someone I would increment the number by one. Whenever one of those addresses got spammed I would delete the MX record. And I would know which asshole spammed me.

    The nice thing about blocking spam via DNS is that the spammers never connect to your SMTP server, which saves a lot of bandwidth.

    1. Re:Block spammers via DNS by bluelip · · Score: 2, Informative

      For sites that require registration I identify them in the address itself. If you control the domain, it's cake to set up/use.

      www.realplayer.com@mydomain.com
      www.gatorbuddy.com@mydomain.com
      www.reallydoesn'tfollowitsprivacystatement.com@mydomain.com

      It INSTANTLY identifies where the email was scarfed from.

      This also works for snail mail also. I usually use the store/company's name as my firstname. For example, I wanted a Black Diamond catalog. The company's initials are bdel. For my name I gave:

      Bdel Coles

      It was humorous watching the junk mail arrive sent to bdel. Easily tell whether or not your address was sold/rented.

      --

      Yep, I never spell check.
      More incorrect spellings can be found he

  10. Using html tags inside the e-mail address by njchick · · Score: 2

    I use attribute around "@" on my homepage. me<strong>@</strong>mydomain.org renders to me@mydomain.org, which is easy to cut and paste, but not trivial for bots to extract.

  11. you don't use any answers read here by Splork · · Score: 2, Insightful

    the spam bot authors have already patched their bots for anything mildly useful mentioned in this thread.