honeytokens - catching spammers with their hands in the cookie jar

[Atom Emet <Atom () Business-PHP com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

* i'm not subscribed here, so please CC me on any responses... thanks!

after reading lance spitzner's article on honeytokens, i realized that i'd
written such an application, although i've never before heard the term.

i told lance about my application, and he mentioned that it would be
interesting to the people on this list.

http://Business-PHP.com/opensource/cookiejar/

i've been using this for a while, and it pinpoints where and when a
spambot hit one of my sites. when reporting the spam to the ISPs, i
include this information and how it was gathered. i also grep out the
offending IP address from my sites web log, to "prove" that access was
made during that time.

all of the sub-domains that i use for this application are sent to a
special mail folder. NOTHING winds up there except for pure spam.


        Atom Emet
               Business-PHP   -   Functionality. Security. Aesthetics.
        http://Business-PHP.com
        828-242-7698

        PGP key - http://Business-PHP.com/pgp.txt
         550D CC5E F1A3 B969 2E4B 6872 9A95 9D19 9131 544A
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
Comment: What is this gibberish?  -  http://atom.smasher.org/links/#digital_signatures

iEYEARECAAYFAkCKpJEACgkQmpWdGZExVErMGwCfcLjknZL3WTptR0B5TnHF8CQx
VKQAn1pcI1W3+8Pb3sLYCXrkMY6l6BmZ
=+kBt
-----END PGP SIGNATURE-----