Making a sufficent set of honeypots minimally distinguishable from valid addresses should be a consideration in spam defense. A very large number of mine have the same SMTP acceptance policies and latencies as valid accounts.
As for the other honeypots (undefended by RBLs, etc.), they'll go when they stop being useful. Benign diversity is a great thing. Incompatibility (a la graylisting) doesn't meet the "benign" criterion. Regards, Alex Bobotek alex bobotek.net > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Sabahattin > Gucukoglu > Sent: Wednesday, December 05, 2007 9:30 AM > To: [email protected] > Subject: Everyone Greylists Except Honeypots ... So Let's Not > Spam Honeypots! > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Does this notion bother anyone, in particular? > > The argument for greylisting is apparently no longer - and if > it is, it can't be for *much* longer - that, "So what if we > can't detect non-MTSs anymore? We can still trap the bad > ones by letting our favourite non- greylisting BL spamtraps > capture them!" > > So all Mr. Bad Guy needs to do now is realise the significant > uptake of greylisting for this one purpose, and never spam > any host that seems to accept all initial transactions. They > can do this simply by not entering the DATA state. And if > that's used as metric, by sharing data amongst themselves as > to the exact purpose of non-greylisting hosts. > > Any thoughts? > > Cheers, > Sabahattin > > - -- > Sabahattin Gucukoglu <mail<at>sabahattin<dash>gucukoglu<dot>com> > Address harvesters, snag this: [EMAIL PROTECTED] > Phone: +44 20 88008915 > Mobile: +44 7986 053399 > http://sabahattin-gucukoglu.com/ > > > -----BEGIN PGP SIGNATURE----- > Version: PGP 8 > Comment: QDPGP - http://community.wow.net/grt/qdpgp.html > > iQA/AwUBR1bgNSNEOmEWtR2TEQJeGACfRn3DRGVvi0C1+ucvPJpW44J6wq8AoLbo > qLQCroHslVRBW0AZk6MFyDAh > =KFk2 > -----END PGP SIGNATURE----- > >
