Chris Norton wrote:
> Hello,
>
> I am trying to think of a way to setup an email address sort of like a
> honeypot, which I do run a few, to attract emails such as phishing, new
> Mass mailing worms/viruses and would like some input on the best way of
> doing this. I would think it would consist of doing something such as
> posting the email address to a lot of places on the internet but what
> would be the best way to go about this? Any help or ideas would be
> great.
From my experience:
1.- register a domain
2.- setup a box that listens as MX record for that domain and create
valid e-mail boxes in it. My setup is based on a free OS + free software
for the MTA, POP3 and IMAP servers all in a tiny Vmware image that can
easily be replicated and switched to a different domain.
3.- use the e-mail addresses to:
- post to mailing lists (such as this one)
- post to web forums
- reply to spam e-mail
- send information requests through web forms
(....)
4.- wait for spam
5.- PROFIT! (well, not really)
You could also use the e-mail addresses for "unsubscribing" links based
on spam e-mails however, however, from my experience:
- spammers will not spam e-mail addresses sent to unsubscription forms
that were not registered previously
- spam now uses non-evident unsubscription links (e-mail addresses are
ofuscated through hashes) so it's not that easy to try to add yours in
> Hello,
>
> I am trying to think of a way to setup an email address sort of like a
> honeypot, which I do run a few, to attract emails such as phishing, new
> Mass mailing worms/viruses and would like some input on the best way of
> doing this. I would think it would consist of doing something such as
> posting the email address to a lot of places on the internet but what
> would be the best way to go about this? Any help or ideas would be
> great.
From my experience:
1.- register a domain
2.- setup a box that listens as MX record for that domain and create
valid e-mail boxes in it. My setup is based on a free OS + free software
for the MTA, POP3 and IMAP servers all in a tiny Vmware image that can
easily be replicated and switched to a different domain.
3.- use the e-mail addresses to:
- post to mailing lists (such as this one)
- post to web forums
- reply to spam e-mail
- send information requests through web forms
(....)
4.- wait for spam
5.- PROFIT! (well, not really)
You could also use the e-mail addresses for "unsubscribing" links based
on spam e-mails however, however, from my experience:
- spammers will not spam e-mail addresses sent to unsubscription forms
that were not registered previously
- spam now uses non-evident unsubscription links (e-mail addresses are
ofuscated through hashes) so it's not that easy to try to add yours in
Hope that helps
Regards
Javier
[ reply ]