> How do you offer 'em up? > I guess by making them vulnerable in the same way valid addresses are vulnerable. And i guess that there are people who have studied the approaches that spammers take to get addresses.
> "Honeypot" is the name of the generic concept. > >From reading your reply, I can tell you are far more tech-savvy than I ... but I thought that a honeypot was an intentionally weak spot in a security system, where as the spam tactic is more a needle-in-the-haystack approach, where one intentionally pollutes namespace so that the valid addresses become needles and the spammer has to spam the entire haystack in order reach the needle. > How do you choose to ignore the spammers? > Filter on the sender's email address? > Block the IP of the sender? > If similar content is received at fictitious addresses, then it is spam. > I like the idea of greylisting > I'm not sure what greylisting is > I also am trying to think of the downside of changing the SMTP spec > to keep the connection open until AFTER the receiver has recieved the > body and had a chance to run the headers/body through a spam-filter. > > It keeps the connection open while scanning, which (presumably) > slows the rate that spam can be sent, and increases the chance > that the spammer will end up in an RBL, which increases the cost > to the spammer. > That is a bit over my head, for example I'm not sure what connection you are talking about. It sounds like your are thinking in terms of realtime filtering. The tactic would not provide for realtime filtering unless a huge system of cooperatively is built. But this shortcoming would be okay (with me) because I already skim off emails from trusted sources before I apply filters. -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
