Changing subject of this thread.
-----Original Message-----
From: Brad Spencer [mailto:brad(_dot_)madison(_at_)mail(_dot_)tds(_dot_)net]
Sent: Friday, April 04, 2003 11:44 AM
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] define spam
At 11:20 AM 4/4/2003 -0500, you wrote:
Process question. How do you become a relay honeypot without being
blacklisted?
Spammers scan for open relays. When they find you you become
(more often
than not) an active honeypot. I got checked about 15
minutes ago - a
recipient (dropbox) I don't recognize. The weekend is coming
up - I'll see
if I get spam (I decided to deliver this one.)
At least one operator has reported enhanced results by being
blacklisted -
he nominated himself. Open relay DNSBL's list the open
relays. If the IP
you are using will never be a spam source then having it
blacklisted causes
no harm to any valid email. It does cause harm to the
spammer who gets his
lists of open relays by consulting a blacklist.
Originally I ran a combined server/honeypot (I separated
relay spam from
valid email.) I got blacklisted. It was (still is) an .edu IP. In
reality the number of times a user complained about blocked
delivery was so
small it wasn't a problem (plus I smart-hosted the
server/honeypot to an IP
that wasn't blacklisted for a long time.)
I think blacklists should be salted with honeypots - it's
about as easy a
way to give spammers grief that I can imagine. Salt them
enough and the
spammers will stop using them as lists of open relays. Maybe
I'm weird but
I always find it funny when a spammer sends relay spam to a
honeypot - in
addition to its function a salted-address honeypot could be a
source of
amusement. It's REALLY funny (to me) to deliver a relay test
in the middle
of the spam run - Spammy has tumbled somewhat to the fact that his
responses are zip from the spam sent to that particular relay
and he's
checking it. He sees: no problem, it relays fine. How can
you not laugh?
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg