On 5/18/05, m ike <[EMAIL PROTECTED]> wrote: > > How do you offer 'em up? > > > I guess by making them vulnerable in the same way valid addresses are > vulnerable. > And i guess that there are people who have studied the approaches that > spammers > take to get addresses. >
So that would probably be devoting pages on your website to having email addresses on them, and letting viruses break into your computer and just "think" that they are getting good email addresses. Of course spammers won't notice sources of email addresses that turn out to never produce purchases right? > > > "Honeypot" is the name of the generic concept. > > > >From reading your reply, I can tell you are far more tech-savvy than I ... > >but > I thought that a honeypot was an intentionally weak spot in a security system, > where as the spam tactic is more a needle-in-the-haystack approach, where > one intentionally pollutes namespace so that the valid addresses become > needles and the spammer has to spam the entire haystack in order reach > the needle. > No, a honeypot is a system that is made to be compromised in order to research those who are breaking in. Here's the big one http://www.honeynet.org/ that also has links to a lot of pertinent information. > > > How do you choose to ignore the spammers? > > Filter on the sender's email address? > > Block the IP of the sender? > > > If similar content is received at fictitious addresses, then it > is spam. > > Okay so that is the one thing about this idea I really like. EXCEPT YOUR SPAM SOLUTION INTENTIONALLY INCREASES THE VOLUME OF JUNK MAIL. That is in no way a systematic solution because the people who ARE bearing the costs (other than your and my time sifting through spam) are certainly never going to support a methodology with that outcome. > > I like the idea of greylisting > > > I'm not sure what greylisting is > hmmmmmm whitelisting = good senders, blacklisting = bad senders, grey listing = use all of the other junk that you normally use like baysian filters etc. on it becasue you don't have a reputation associated with it either way. Is that what you were trying to say? > > > I also am trying to think of the downside of changing the SMTP spec > > to keep the connection open until AFTER the receiver has recieved the > > body and had a chance to run the headers/body through a spam-filter. > > YOU try to convince everyone to change their infrastructure....... please refer back to the FUSSP list for some comments on this one. What do you think the likelyhood of convincing people who's business profit comes from efficient utilization of hardware and networks to do that. Mind you there is already a mechanism for cutting the transfer of short if the amount coming is too big so........... > > It keeps the connection open while scanning, which (presumably) > > slows the rate that spam can be sent, and increases the chance > > that the spammer will end up in an RBL, which increases the cost > > to the spammer. > > Yes, but RBL's are a relic and certainly not the future. You can spend lots of time trying to block the bad guys, or just only accept mail from people with good reputations (which would also include people who use reputable service providers) which is the way things are going anyway. > That is a bit over my head, for example I'm not sure what connection > you are talking about. It sounds like your are thinking in terms of > realtime filtering. The tactic would not provide for realtime filtering > unless > a huge system of cooperatively is built. But this shortcoming would be > okay (with me) because I already skim off emails from trusted sources > before I apply filters. > > hmmmm, I'd suspect they meant TCP connection, and again I'd LOVE to see you convince someone that useless resource and bandwidth usage is an integral part of an effective spam solution. T -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
