On Mon, 10 Jun 2013, Marc Perkel wrote:
I'm experimenting with an interesting spam trap idea. Normally I run many
inbound servers as spam filters (Using Exim) with no SMTP authentication. But
then I got this idea ....
I decided to implement and advertise that the server had SMTP athentication
even though there was nothing to authenticate. I created an authenticator
that would accept any username and password. But it's obviously spam. Then I
harvest the spam.
One of the things I like about it is that if hackers are sending spam into my
fake server then it takes away from their efforts on real accounts that they
could hack. I'm wondering if enough of us put up fake authentication not only
can we detect spam that way but we could waste a lot of spammer's resources.
Thoughts?
Please don't feed messages caught by that into masscheck corpora without
stripping the authentication information. Feeding such messages in
unaltered will skew the results for legitimately authenticated mail.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Homeland Security: Specializing in Tactical Band-aids for Strategic
Problems. -- Eric K. in Bruce Schneier's blog
-----------------------------------------------------------------------
375 days since the first successful private support mission to ISS (SpaceX)
