spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Hardin <jhar...@impsec.org>
Subject Re: Interesting Spam Trap Idea - Fake Authentication
Date Mon, 10 Jun 2013 15:40:12 GMT
On Mon, 10 Jun 2013, Marc Perkel wrote:

> I'm experimenting with an interesting spam trap idea. Normally I run many 
> inbound servers as spam filters (Using Exim) with no SMTP authentication. But 
> then I got this idea ....
>
> I decided to implement and advertise that the server had SMTP athentication 
> even though there was nothing to authenticate. I created an authenticator 
> that would accept any username and password. But it's obviously spam. Then I 
> harvest the spam.
>
> One of the things I like about it is that if hackers are sending spam into my 
> fake server then it takes away from their efforts on real accounts that they 
> could hack. I'm wondering if enough of us put up fake authentication not only 
> can we detect spam that way but we could waste a lot of spammer's resources.
>
> Thoughts?

Please don't feed messages caught by that into masscheck corpora without 
stripping the authentication information. Feeding such messages in 
unaltered will skew the results for legitimately authenticated mail.

-- 
  John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
  jhardin@impsec.org    FALaholic #11174     pgpk -a jhardin@impsec.org
  key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
   Homeland Security: Specializing in Tactical Band-aids for Strategic
   Problems.                       -- Eric K. in Bruce Schneier's blog
-----------------------------------------------------------------------
  375 days since the first successful private support mission to ISS (SpaceX)

Mime
View raw message