Re: Spam Honeypot

[bill parducci]

unless the spammer is only looking at the SMTP codes (not going into *that* discussion again :o) the machine is going to have to actually *deliver* the note. at that point it will be an open relay and will be part of the problem. also, any spammer worth a darn will have a handful of 'feedback' accounts sprinkled in with the spam targets to make sure that the process completed (e.g. checking to make sure that the open relay doesn't stop sending mail--intentionally or not--in the middle of the job). 

the bottom line is that there isn't a good way to 'pretned' to be an open relay with the intent of harvesting useful information in my opinion. at most you will be able to log sites that probe for such bechavior but that can be done on a normally configured machine. 

there are a number of other ways to attract spam that i believe are more practical.

b

Randahl Fink Isaksen wrote:
That, I believe, is as simple as not requiring the sender to log in and
not requiring the sender to be in the local network either. I
accidentally set up my James configuration like this and found my server
transmitting huge amounts of spam in no time. Often I do not think the
spammers even care to send a probe e-mail to check that the message
arrives. Maybe they just bill the clients for the number of e-mails that
were accepted by the abused servers...
If he is able create some trouble for the spammers in a legal manner I
wish him the best of luck.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]