Henrik K wrote:
sure there's other useful stuff you can do with spamtrap mails too.
Unfortunately it takes a lot of effort to create *good* spamtraps.
Yep.
It's just
too much trouble for a normal admin, I leave it to those who have time on
their hands. You can do the simple grep for "mistyped" non-existant
addresses from logs etc, but it's just silly botnet crud that doesn't
represent the "real" spam coming to real users (that leak their addresses in
all sort of ways).
This is exactly what I have a problem with: while lots of spam is
directed at my regular users, I get very little spam caught in my
spamtraps.
I have published spamtrap addresses (in "hidden" HTML of course, like
"mailto:address"; in the same color as background of the page) on many
company webpages, posted spamtraps to Usenet some 6 months ago and I
still get very little spam caught in spamtraps.
I have a haunting suspicion that email correspondents of my users have
trojans or smth in their Outlooks, which then leak the addresses to
spammers. Either that, or spammers get addresses some other way. Getting
my spamtrap addresses into spammers address lists has been a problem for
me.
Any other ideas on how to do that?
I don't see any point Bayes-learning simple-to-block
botnet mails either, since it's completely separate thing from the sneakier
419 and phish stuff..
What's "419" stuff?
Regards,
Marcin Krol
