RE: spam honeypot

["Steve" <djsteveb () comcast net>]

Might want to check with the FTC and the Canadian gov't... They are calling
them proxy pots..
"
two of the "victim" computers in the FTC cases were actually decoys, known
as "proxy pots." 
"
From:
http://today.reuters.com/news/newsarticle.aspx?type=domesticNews&storyid=200
5-12-20T192317Z_01_EIC069553_RTRUKOC_0_US-SPAM-FTC.xml


If this has been covered in the list, I apologize, I checked the last so
many and did not see mention of it... I suppose this will be the case that
decides about the whole honeypot entrapment thing maybe...

WASHINGTON (Reuters) - U.S. and Canadian authorities took legal action
against e-mail spammers who were using hijacked computers to conceal their
identities, the Federal Trade Commission said on Tuesday.

The FTC said eight spam operators had been shut down or sued in a series of
actions taken by the FTC, Canadian consumer protection officials and state
attorneys general in Florida, North Carolina and Texas.

Among the products being hawked in the e-mails were prescription drugs,
mortgages and purported "fuel-saving" devices for automobiles, the FTC said.

In the three cases brought by the FTC, the agency said it had charged
spammers with violating federal law by sending spam with false information
about the source of the message and misleading subject lines, and by failing
to provide an "opt-out" option or a physical address.

The FTC said the spammers targeted in the all cases had hijacked the
computers of innocent consumers and used them as "spamming machines" to
relay the illegal e-mails.

That practice obscures the original source of the message so spammers can
avoid detection by law enforcers and allows them to thwart filters used by
Internet service providers, the agency said.

However, two of the "victim" computers in the FTC cases were actually
decoys, known as "proxy pots." Instead of relaying the spam, they captured
it and passed crucial information to law enforcement officials.

Two other cases were settled by Canada's competition bureau, with the
defendants agreeing to refrain from future violations and pay a penalty. The
three state attorneys general filed complaints seeking to block three more
spam operations, the FTC said. Those cases are still pending.


-----Original Message-----
From: Jason Beauford [mailto:jmbeauford () hotmail com] 
Sent: Thursday, December 22, 2005 1:49 PM
To: george.p123 () gmail com; honeypots () securityfocus com
Subject: RE: spam honeypot

Check out the Mailinator Project.  They've got a FANTASTIC system for
catching spam...Best I've seen.

http://www.mailinator.com

JMB


> From: George <george.p123 () gmail com>
> To: honeypots () securityfocus com
> Subject: spam honeypot
> Date: Wed, 21 Dec 2005 16:02:24 +0200
>
> Hello!
> I'm making a research about spam and i need a system  to catch the spam 
> with my sources in real time.  I read a lot of documentation about 
> honeypots and i want to develop an open relay honeypot. The problem is 
> that all the documentation that i had read is old and the things had 
> change, the spammers evolved. So, i want to ask how efficient is an 
> open relay honeypot and what other honeypot technology i can use to 
> catch spam?
> Thanks in advice!
>
> George