Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Attacks on Spam

Posted by michael on from the war-machine-springs-to-life-opens-up-one-eager-eye dept.

AttackOfTheDictionaries writes "Project Honey Pot started operating back in November. The Project provides its participants with a script that generates fake webpages with unique honeypot email addresses. The end result is that Project Honey Pot can connect email harvesters' IP addresses with the spam received by those honeypot email addresses. Which is pretty nifty, but left some people asking how that would help legal attacks on spam. Well, it seems that some lawyer over at SecurityFocus has an answer."

1 of 153 comments (clear)

  1. Joined yesterday by Anonymous Coward · · Score: 4, Informative

    I donated a few MXs (10 different domains), and setup a few honeypots. It's fairly easy to do assuming you have a basic understanding of DNS, and you don't mind enabling short PHP tags (if using their PHP script).

    I do have some concerns though. Just from a few minutes with it, it seems like it'd be fairly easy for spammers to detect. They only have a limited number of MXs the spam can go to. You could just check where the spam was going, and stop it if it's hitting a honeypot. It'll probably work for a little while before the spammers have time to adapt.

    Also, while you can start tracking spammers at this point, you don't really get much out of it, yet. They apparently may set up some sort of HTTP RBL so people can stop bad crawlers, but it doesn't exist at this point.