Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Attacks on Spam

Posted by michael on from the war-machine-springs-to-life-opens-up-one-eager-eye dept.

AttackOfTheDictionaries writes "Project Honey Pot started operating back in November. The Project provides its participants with a script that generates fake webpages with unique honeypot email addresses. The end result is that Project Honey Pot can connect email harvesters' IP addresses with the spam received by those honeypot email addresses. Which is pretty nifty, but left some people asking how that would help legal attacks on spam. Well, it seems that some lawyer over at SecurityFocus has an answer."

5 of 153 comments (clear)

  1. Joined yesterday by Anonymous Coward · · Score: 4, Informative

    I donated a few MXs (10 different domains), and setup a few honeypots. It's fairly easy to do assuming you have a basic understanding of DNS, and you don't mind enabling short PHP tags (if using their PHP script).

    I do have some concerns though. Just from a few minutes with it, it seems like it'd be fairly easy for spammers to detect. They only have a limited number of MXs the spam can go to. You could just check where the spam was going, and stop it if it's hitting a honeypot. It'll probably work for a little while before the spammers have time to adapt.

    Also, while you can start tracking spammers at this point, you don't really get much out of it, yet. They apparently may set up some sort of HTTP RBL so people can stop bad crawlers, but it doesn't exist at this point.

  2. Where is the Mafia when you need them? by Anonymous Coward · · Score: 1, Informative

    Seriously, the Mafia can solve all our spam problems. They have computer experts who could track spammers and they aren't afraid to whack anyone. I'm not talking about killing people here, just frightening them. All they have to do is track down spammers and give them an offer they can't refuse. Get out of the spam business or they get a couple of broken collarbones.

    Problem solved.

  3. RTFA by brunes69 · · Score: 2, Informative

    The list is linked to right in it

    http://www.projecthoneypot.org/bots_and_servers.ph p

  4. Does anybody read RFCs? by Anonymous Coward · · Score: 2, Informative
    The rule is for non-transiant effects, all web sites must use POST.

    From RFC 2616,

    Implementors should be aware that the software represents the user in their interactions over the Internet, and should be careful to allow the user to be aware of any actions they might take which may have an unexpected significance to themselves or others.

    In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered "safe". This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested.

    Naturally, it is not possible to ensure that the server does not generate side-effects as a result of performing a GET request; in fact, some dynamic resources consider that a feature. The important distinction here is that the user did not request the side-effects, so therefore cannot be held accountable for them.

    Clicking a link, or fetching any page with GET by any means does not sign a contract. That is the rule set forth by the HTTP protocol.

  5. Re:Follow the Money ... California Spam Law does by triclipse · · Score: 2, Informative
    As looney as I think the California legislature is, they did a pretty good job on recognizing the economic incentives behind spam. California Business and Professions Code 17529 holds the advertisers equally accountable with the actual spammers:

    (j) There is a need to regulate the advertisers who use spam, as well as the actual spammers, because the actual spammers can be difficult to track down due to some return addresses that show up on the display as "unknown" and many others being obvious fakes and they are often located offshore.
    (k) The true beneficiaries of spam are the advertisers who benefit from the marketing derived from the advertisements.

    Part of the enforcement provision in 17529.5 starts:

    17529.5. It is unlawful for any person or entity to advertise using a commercial e-mail advertisement either sent from California or sent to a California electronic mail address under any of the following circumstances: ...
    IAAL in CA, and I am using this law to go after a few spammers. It is quite fun.
    --
    No Inflation Taxation without Representation