On Thursday, May 6, 2004, 9:39:09 PM, Robert Menschel wrote: > I'm thinking that I should take that URI, cut and paste and modify it in > my browser, and go to something like: >> http://rmvs.com/r.asp?123456&[EMAIL PROTECTED]&H > Note that I modified the email address so it no longer points at the > original destination address, but instead to a honeypot (which actually > won't be named anything so obvious). The domain would be one from which I > can retrieve the honeypot.
> I then plan to > a) watch for a confirmation of the unsubscribe. That email can be > ignored. The only reason to watch for it is to avoid generating > garbage for the following actions. > b) autoforward all emails after any confirmation notice to > [EMAIL PROTECTED] (my own someaddress) as documented at > http://wiki.apache.org/spamassassin/SpamTrapping so this spammer's > spam is automatically included in the future development corpus > c) autoforward all such emails to [EMAIL PROTECTED], which is a POP3 > mbox that is automatically fed into sa-learn as spam. > d) dump those emails into my own spam corpus. > Since [EMAIL PROTECTED] is an address never used for any other > purpose, and since the only time this address is placed into a website's > system is to *unsubscribe*, any emails sent to that address will by > definition be spam (with the possible exception of a first > "confirmation"). This sounds ok to me except that a legitimate mailing list server would also usually respond with a confirmation, etc. But most of the spams are so obviously spams, that my comment above is probably not a practical concern. Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
