On Wednesday, Apr 9, 2003, at 11:49 Europe/London, Brad Spencer wrote:
At 10:06 AM 4/9/2003 +0100, Matt Sergeant wrote:
I don't see how an open proxy honeypot would work. With an open relay
honeypot you can deliver the test message at any later time. An open
proxy probe is realtime.
The open proxy may get two types of use: the spammer may try to test
other IPs through it to see if they are open relays or he might try to
send spam through it to known open relays.
This is a bogus assumption. It's much easier to test an open proxy by
testing it can connect somewhere you own, not check that you can relay
mail through it. I have no idea why a spammer would try the latter
since it's much *much* slower. Or you'd even test it can access a known
web site, like google.
Can you explain why a spammer might try an email first rather than just
check the proxy is functioning?
Matt.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg