Honeypots mailing list archives
Re: Honey email address?
From: Javier Fernandez-Sanguino <jfernandez () germinus com>
Date: Tue, 21 Mar 2006 14:57:40 +0100
Chris Norton wrote:
Hello,I am trying to think of a way to setup an email address sort of like a honeypot, which I do run a few, to attract emails such as phishing, new Mass mailing worms/viruses and would like some input on the best way of doing this. I would think it would consist of doing something such as posting the email address to a lot of places on the internet but what would be the best way to go about this? Any help or ideas would be great.
From my experience: 1.- register a domain2.- setup a box that listens as MX record for that domain and create valid e-mail boxes in it. My setup is based on a free OS + free software for the MTA, POP3 and IMAP servers all in a tiny Vmware image that can easily be replicated and switched to a different domain.
3.- use the e-mail addresses to: - post to mailing lists (such as this one) - post to web forums - reply to spam e-mail - send information requests through web forms (....) 4.- wait for spam 5.- PROFIT! (well, not really)You could also use the e-mail addresses for "unsubscribing" links based on spam e-mails however, however, from my experience:
- spammers will not spam e-mail addresses sent to unsubscription forms that were not registered previously - spam now uses non-evident unsubscription links (e-mail addresses are ofuscated through hashes) so it's not that easy to try to add yours in
Hope that helps Regards Javier
Current thread:
- Honey email address? Chris Norton (Mar 17)
- Re: Honey email address? D . Snezhkov (Mar 17)
- Re: Honey email address? Nathaniel Hall (Mar 17)
- Re: Honey email address? Packet Man (Mar 17)
- Re: Honey email address? Jeff Rosowski (Mar 29)
- Re: Honey email address? Javier Fernandez-Sanguino (Mar 21)
- <Possible follow-ups>
- RE: Honey email address? Beauford, Jason (Mar 17)
- RE: Honey email address? Bergert, David (Mar 17)
- Re: Honey email address? D . Snezhkov (Mar 17)