Marcin Krol a écrit : > Henrik K wrote: > sure there's other useful stuff you can do with spamtrap mails too. >> >> Unfortunately it takes a lot of effort to create *good* spamtraps. > > Yep. > >> It's just >> too much trouble for a normal admin, I leave it to those who have time on >> their hands. You can do the simple grep for "mistyped" non-existant >> addresses from logs etc, but it's just silly botnet crud that doesn't >> represent the "real" spam coming to real users (that leak their >> addresses in >> all sort of ways). > > This is exactly what I have a problem with: while lots of spam is > directed at my regular users, I get very little spam caught in my > spamtraps. > > I have published spamtrap addresses (in "hidden" HTML of course, like > "mailto:address"; in the same color as background of the page) on many > company webpages, posted spamtraps to Usenet some 6 months ago and I > still get very little spam caught in spamtraps. > > I have a haunting suspicion that email correspondents of my users have > trojans or smth in their Outlooks, which then leak the addresses to > spammers. Either that, or spammers get addresses some other way. Getting > my spamtrap addresses into spammers address lists has been a problem for > me. > > Any other ideas on how to do that? >
I get a lot of junk to addresses with many digits (phone style or message-id style). > I don't see any point Bayes-learning simple-to-block >> botnet mails either, since it's completely separate thing from the >> sneakier >> 419 and phish stuff.. > > What's "419" stuff? > 419 = Advanced Fee Fraud = Nigerian scam. 419 is the number of a section of a (old?) related criminal code of Nigeria.
