Re: Honey email address?

[Javier Fernandez-Sanguino <jfernandez () germinus com>]

Chris Norton wrote:
> Hello,
>
> I am trying to think of a way to setup an email address sort of like a 
> honeypot, which I do run a few, to attract emails such as phishing, new 
> Mass mailing worms/viruses and would like some input on the best way of 
> doing this. I would think it would consist of doing something such as 
> posting the email address to a lot of places on the internet but what 
> would be the best way to go about this? Any help or ideas would be 
> great.

From my experience:

1.- register a domain
2.- setup a box that listens as MX record for that domain and create 
valid e-mail boxes in it. My setup is based on a free OS + free software 
for the MTA, POP3 and IMAP servers all in a tiny Vmware image that can 
easily be replicated and switched to a different domain.
3.- use the e-mail addresses to:
        - post to mailing lists (such as this one)
        - post to web forums
        - reply to spam e-mail
        - send information requests through web forms
        (....)
4.- wait for spam
5.- PROFIT! (well, not really)

You could also use the e-mail addresses for "unsubscribing" links based 
on spam e-mails however, however, from my experience:

- spammers will not spam e-mail addresses sent to unsubscription forms 
that were not registered previously
- spam now uses non-evident unsubscription links (e-mail addresses are 
ofuscated through hashes) so it's not that easy to try to add yours in

Hope that helps

Regards

Javier