Making a sufficent set of honeypots minimally distinguishable from valid
should be a consideration in spam defense. A very large number of mine
same SMTP acceptance policies and latencies as valid accounts.
As for the other honeypots (undefended by RBLs, etc.), they'll go when
being useful. Benign diversity is a great thing. Incompatibility (a la
doesn't meet the "benign" criterion.
[mailto:owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of
Sent: Wednesday, December 05, 2007 9:30 AM
Subject: Everyone Greylists Except Honeypots ... So Let's Not
-----BEGIN PGP SIGNED MESSAGE-----
Does this notion bother anyone, in particular?
The argument for greylisting is apparently no longer - and if
it is, it can't be for *much* longer - that, "So what if we
can't detect non-MTSs anymore? We can still trap the bad
ones by letting our favourite non- greylisting BL spamtraps
So all Mr. Bad Guy needs to do now is realise the significant
uptake of greylisting for this one purpose, and never spam
any host that seems to accept all initial transactions. They
can do this simply by not entering the DATA state. And if
that's used as metric, by sharing data amongst themselves as
to the exact purpose of non-greylisting hosts.
Sabahattin Gucukoglu <mail<at>sabahattin<dash>gucukoglu<dot>com>
Address harvesters, snag this: feedme(_at_)yamta(_dot_)org
Phone: +44 20 88008915
Mobile: +44 7986 053399
-----BEGIN PGP SIGNATURE-----
Version: PGP 8
Comment: QDPGP - http://community.wow.net/grt/qdpgp.html
-----END PGP SIGNATURE-----