You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Tom Pridham <pr...@mindspring.com> on 2003/02/24 03:42:54 UTC
Spam Honeypot
Greetings All,
As an avid JAMES user I have decided to take up a new battle....the war on
spam. So here is my plan, I have acquired the domain DeletedSpam.com and
plan on deploying a JAMES "Honeypot" server with the relay open. I will
track all statistics on how much spam I delete each day, where the spam
originated etc.
Is there already code in a mailet somewhere to do the following:
--analyze an email marked as spam to pull out data elements (i.e. Subject
title, from address, and all of the "To" addresses
I plan on making a one page website that displays in real-time all of the
relevant stats on the deleted spam.
If anyone can direct me a starting point to create a plug-in for JAMES to
analyze the inbound emails prior to sending them to null, I would greatly
appreciate it.
The reason for this crazy project is: I am the CIO of a legitimate email
marketing company and the spammers are really giving "email marketing" a bad
name. Plus I want to have some fun sending spam to the bit bucket.
Am I crazy? I welcome advice, suggestions etc.
Thanks,
Tom Pridham
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by Emmanuel Gilmont <e....@ibelgique.com>.
Ther are 2 interresting articles in the Linux Journal of march. I think you
should have a look on it.
The first is "Math vs Spam: beyond Bayesian filtering" and the second is
"Power filtering with Spambayes"
Good reading :)
Emmanuel
--
Le Lundi 24 Février 2003 03:42, Tom Pridham a écrit :
> Greetings All,
>
> As an avid JAMES user I have decided to take up a new battle....the war on
> spam. So here is my plan, I have acquired the domain DeletedSpam.com and
> plan on deploying a JAMES "Honeypot" server with the relay open. I will
> track all statistics on how much spam I delete each day, where the spam
> originated etc.
>
> Is there already code in a mailet somewhere to do the following:
> --analyze an email marked as spam to pull out data elements (i.e. Subject
> title, from address, and all of the "To" addresses
>
> I plan on making a one page website that displays in real-time all of the
> relevant stats on the deleted spam.
>
> If anyone can direct me a starting point to create a plug-in for JAMES to
> analyze the inbound emails prior to sending them to null, I would greatly
> appreciate it.
>
> The reason for this crazy project is: I am the CIO of a legitimate email
> marketing company and the spammers are really giving "email marketing" a
> bad name. Plus I want to have some fun sending spam to the bit bucket.
>
> Am I crazy? I welcome advice, suggestions etc.
>
> Thanks,
> Tom Pridham
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
> _____________________________________________________________________
> Envie de discuter en "live" avec vos amis ? Télécharger MSN Messenger
> http://www.ifrance.com/_reloc/m la 1ère messagerie instantanée de France
_____________________________________________________________________
Envie de discuter en "live" avec vos amis ? Télécharger MSN Messenger
http://www.ifrance.com/_reloc/m la 1ère messagerie instantanée de France
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by Harmeet Bedi <ha...@kodemuse.com>.
----- Original Message -----
From: "Tom Pridham" <pr...@mindspring.com>
> Am I crazy? I welcome advice, suggestions etc.
It is a good idea, btw. as a data point.
Brightmail does something similar, ie. tries to collect spam mail and update
filters in 'real time'.
Spamnet or Vipul's Razor is another example of something similar.
Also you can get a lot already collected spam from
http://www.spamarchive.org/
It would be very cool if your site can collect feeds. A lot of mail server
hosts collect spam information(I do) and if you specify a statistics format
or mail headers format I am sure folks will be happy to help you fight spam
by sharing stats.
Regd headers: One thing to think about - Information extraction could occur
from mail store(repository) or in mailets.
Btw. I would not suggest you delete spam, only mark mail as checked for spam
and marked as spam or not. I assume your honepot can recieve legitimate mail
too.
Harmeet
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by "Noel J. Bergman" <no...@devtech.com>.
Tom,
The sample matchers and mailets should provide you with with a good starting
point for your code. I would suggest that more than the subject, from and
to headers will be of interest. For example, geographical origin, alleged
domain, netblock owner, etc.
FWIW, my company offers commercial James development. If you are
interested, we could do the entire application for you: the mailet(s), the
database, the web page(s), as per your specifications. Contact me off-list
of you'd like to discuss it.
--- Noel
-----Original Message-----
From: Tom Pridham [mailto:pridham@mindspring.com]
Sent: Sunday, February 23, 2003 21:43
To: james-user@jakarta.apache.org
Subject: Spam Honeypot
Greetings All,
As an avid JAMES user I have decided to take up a new battle....the war on
spam. So here is my plan, I have acquired the domain DeletedSpam.com and
plan on deploying a JAMES "Honeypot" server with the relay open. I will
track all statistics on how much spam I delete each day, where the spam
originated etc.
Is there already code in a mailet somewhere to do the following:
--analyze an email marked as spam to pull out data elements (i.e. Subject
title, from address, and all of the "To" addresses
I plan on making a one page website that displays in real-time all of the
relevant stats on the deleted spam.
If anyone can direct me a starting point to create a plug-in for JAMES to
analyze the inbound emails prior to sending them to null, I would greatly
appreciate it.
The reason for this crazy project is: I am the CIO of a legitimate email
marketing company and the spammers are really giving "email marketing" a bad
name. Plus I want to have some fun sending spam to the bit bucket.
Am I crazy? I welcome advice, suggestions etc.
Thanks,
Tom Pridham
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by bill parducci <bi...@parducci.net>.
as much as i would like to go undercover :o), the problem is that open relays are really a small part of the spam that is sent. true, they represent some of the lower forms of life, but in terms of being an annoyance to end users they are but a fraction of the overall volume. here are some mail stats from one of my servers:
blacklists
----------
ordb.org: 7
njabl.org: 91
spamhaus.org: 22
dsbl.org: 27
bad etiquette
-------------
attempted relays: 2
improper domain: 1
other: 0
summary
-------
total mail: 879
total rejected: 150
percent rejected: 17%
the blacklisting sites are listed in the order that they are consulted by my mail server. note: ordb.org is a pure open relay database. therefore, out of the 150 e-mail that have been rejected as spam via blacklisting only 7 of them were blocked as a result of being used by a known open relay. also of interest is that even after consulting with the rbl sites (and throwing out 20% of incoming e-mail right off the bat!) i still received another 50 or so spam messages during this period that were caught by an upstream [content based] filter.
open relays are an issue, but a small fish in a big pond (and growing smaller).
for my money, the best time spent is following the *pattern* based filters and working on ways to share that information amongst others of like interest. a good start would be a site dedicated to the sharing of procmail recipes, beysian formulas, etc.
ok, i think i am up to four cents now. :o)
b
Jerome Lacoste (Frisurf) wrote:
> This reminds me of people trying to infiltrate mafia/drug dealers. It
> takes years, and they are probably asked to do some bad things before
> they are able to catch the big fishes. At least that's what happening in
> movies :)
>
> If we try to follow the same principle, some kind of authority should
> decide to plant infiltrated open relays. They should act as normal open
> relays from a spammer point of view, deliver the emails (even if its not
> legal), but giving back important information.
>
> I am sure this has been discussed in other places, I understand the
> non-legality, but when you see the number of open relays, one more will
> not add too much to the traffic, but if it helps taking legal or
> technical action faster against big spammers, that may help.
>
> But accepting to do so raise some interesting philosophical questions. I
> wonder how exactly these kind of things happen with other kind of
> infiltrations?
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by "Jerome Lacoste (Frisurf)" <la...@frisurf.no>.
This reminds me of people trying to infiltrate mafia/drug dealers. It
takes years, and they are probably asked to do some bad things before
they are able to catch the big fishes. At least that's what happening in
movies :)
If we try to follow the same principle, some kind of authority should
decide to plant infiltrated open relays. They should act as normal open
relays from a spammer point of view, deliver the emails (even if its not
legal), but giving back important information.
I am sure this has been discussed in other places, I understand the
non-legality, but when you see the number of open relays, one more will
not add too much to the traffic, but if it helps taking legal or
technical action faster against big spammers, that may help.
But accepting to do so raise some interesting philosophical questions. I
wonder how exactly these kind of things happen with other kind of
infiltrations?
On Mon, 2003-02-24 at 17:44, bill parducci wrote:
> unless the spammer is only looking at the SMTP codes (not going into *that* discussion again :o) the machine is going to have to actually *deliver* the note. at that point it will be an open relay and will be part of the problem. also, any spammer worth a darn will have a handful of 'feedback' accounts sprinkled in with the spam targets to make sure that the process completed (e.g. checking to make sure that the open relay doesn't stop sending mail--intentionally or not--in the middle of the job).
>
> the bottom line is that there isn't a good way to 'pretned' to be an open relay with the intent of harvesting useful information in my opinion. at most you will be able to log sites that probe for such bechavior but that can be done on a normally configured machine.
>
> there are a number of other ways to attract spam that i believe are more practical.
>
> b
>
> Randahl Fink Isaksen wrote:
> > That, I believe, is as simple as not requiring the sender to log in and
> > not requiring the sender to be in the local network either. I
> > accidentally set up my James configuration like this and found my server
> > transmitting huge amounts of spam in no time. Often I do not think the
> > spammers even care to send a probe e-mail to check that the message
> > arrives. Maybe they just bill the clients for the number of e-mails that
> > were accepted by the abused servers...
> >
> > If he is able create some trouble for the spammers in a legal manner I
> > wish him the best of luck.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
--
Jerome Lacoste (Frisurf) <la...@frisurf.no>
CoffeeBreaks
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by bill parducci <bi...@parducci.net>.
a good place to start is to post an 'uninteresting' note to a variety of USENET lists using a 'clean' e-mail address. (alt.sex is one i have used in the past, but the more you spread around the more likely you are going to get hits). this gets the real bottom feeders since anyone using that address in bulk e-mails will have done so via dredging. note: DON'T use this address for anything else because anything it receives is unsolicited and is therefore spam by definition.
with a second address go to sites that manage a lot of groups (like yahoo groups) and sign up for a list that has 'free' stuff in it. let the account build up mail for a couple of weeks (they will be selling your e-mail address to numerous places as quickly as possible). then as you start gettting mail from the various mailing lists (and there will be MANY in a relatively short period of time), try to unsubscribe from each. if after 72 hours (my preference) you receive any mail from that list (or you get a bounce/404/etc. in the unsubscribe attempt) consider it spam. of course, this will take some work because you need to keep a list of senders that have been notified of your disinterest (and when). might make for a nice honeypot mailet one of these days.
there are other ways, however if you are diligent with these two you will start harvesting a lot of muck off the wire in no time! :o)
that said, the other option is to let someone like spamhaus.org, et al. do it (or volunteer to help out) and just rbl filter levraging the techniques they have devised. james already supports this out of the box.
b
Randahl Fink Isaksen wrote:
> Would you care to elaborate on those "other ways"?
>
>
> R.
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by Randahl Fink Isaksen <ra...@rockit.dk>.
Would you care to elaborate on those "other ways"?
R.
-----Original Message-----
From: bill parducci [mailto:bill@parducci.net]
Sent: 24. februar 2003 17:44
To: James Users List
Subject: Re: Spam Honeypot
unless the spammer is only looking at the SMTP codes (not going into
*that* discussion again :o) the machine is going to have to actually
*deliver* the note. at that point it will be an open relay and will be
part of the problem. also, any spammer worth a darn will have a handful
of 'feedback' accounts sprinkled in with the spam targets to make sure
that the process completed (e.g. checking to make sure that the open
relay doesn't stop sending mail--intentionally or not--in the middle of
the job).
the bottom line is that there isn't a good way to 'pretned' to be an
open relay with the intent of harvesting useful information in my
opinion. at most you will be able to log sites that probe for such
bechavior but that can be done on a normally configured machine.
there are a number of other ways to attract spam that i believe are more
practical.
b
Randahl Fink Isaksen wrote:
> That, I believe, is as simple as not requiring the sender to log in
and
> not requiring the sender to be in the local network either. I
> accidentally set up my James configuration like this and found my
server
> transmitting huge amounts of spam in no time. Often I do not think the
> spammers even care to send a probe e-mail to check that the message
> arrives. Maybe they just bill the clients for the number of e-mails
that
> were accepted by the abused servers...
>
> If he is able create some trouble for the spammers in a legal manner I
> wish him the best of luck.
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by bill parducci <bi...@parducci.net>.
unless the spammer is only looking at the SMTP codes (not going into *that* discussion again :o) the machine is going to have to actually *deliver* the note. at that point it will be an open relay and will be part of the problem. also, any spammer worth a darn will have a handful of 'feedback' accounts sprinkled in with the spam targets to make sure that the process completed (e.g. checking to make sure that the open relay doesn't stop sending mail--intentionally or not--in the middle of the job).
the bottom line is that there isn't a good way to 'pretned' to be an open relay with the intent of harvesting useful information in my opinion. at most you will be able to log sites that probe for such bechavior but that can be done on a normally configured machine.
there are a number of other ways to attract spam that i believe are more practical.
b
Randahl Fink Isaksen wrote:
> That, I believe, is as simple as not requiring the sender to log in and
> not requiring the sender to be in the local network either. I
> accidentally set up my James configuration like this and found my server
> transmitting huge amounts of spam in no time. Often I do not think the
> spammers even care to send a probe e-mail to check that the message
> arrives. Maybe they just bill the clients for the number of e-mails that
> were accepted by the abused servers...
>
> If he is able create some trouble for the spammers in a legal manner I
> wish him the best of luck.
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by Danny Angus <da...@apache.org>.
> Often I do not think the
> spammers even care to send a probe e-mail to check that the message
> arrives.
They do check, the tiny number of James installations we've heard of that are ever hit by large quantities of spam without probing messages proves this.
d.
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by Randahl Fink Isaksen <ra...@rockit.dk>.
That, I believe, is as simple as not requiring the sender to log in and
not requiring the sender to be in the local network either. I
accidentally set up my James configuration like this and found my server
transmitting huge amounts of spam in no time. Often I do not think the
spammers even care to send a probe e-mail to check that the message
arrives. Maybe they just bill the clients for the number of e-mails that
were accepted by the abused servers...
If he is able create some trouble for the spammers in a legal manner I
wish him the best of luck.
Randahl
-----Original Message-----
From: bill parducci [mailto:bill@parducci.net]
Sent: 24. februar 2003 16:25
To: James Users List
Subject: Re: Spam Honeypot
Noel J. Bergman wrote:
> I was going to say that same thing to him. In fact, I had written it
in my
> note, but then I saw his comment about sending the mail to null, so I
think
> that he knows not to actually be an open relay.
>
> --- Noel
i saw the same. however, how is he going to be an 'open relay' (to
attract spammers) and then be dumping stuff to null?
b
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by bill parducci <bi...@parducci.net>.
> You don't need to do anything to attract spammers; they just show up. You
> don't need to do anything to be probed for being an open relay other than
> have an available SMTP port on the internet. Your IP will be probed. I
> recently installed a computer on broadband for my uncle. Within 5 minutes
> of enabling his computer, the firewall reported the first probes. People
> looking for SMTP, MS SQL, and other exploits.
of course, but for the reasons i outlined previously you aren't going to be able to capture much more useful information than" "IP address a.b.c.d tried to perform a relay". as you point out below this can be easily tracked using a typically installed machine (provided you have some ability to process your logs). there isn't a need to try to be a 'faux open relay'. it only invites problems.
> My own firewall tracks in excess of 20 GIGABYTES of probes per month, all
> courtesy of Windows machines.
>
> Our public mail server blocks anywhere from a few 100 spams per day to
> 1500+. They seem to run in waves. The numbers were much higher when we
> first started the server, but they seem to have dropped off; perhaps the
> spambots are realizing that we aren't productive for them.
>
> In any event, since he isn't actively rejecting them (from their
> perspective), they'll assume that he is an open relay. Unlike DNSRBL
> scanners, which wait to get a reply.
they will assume this for a single session unless they are just trying to propagate viruses (hit & run/script spamming). again, there is value to observing hit & runs, but since james gives OKs to any tp/from address condition under normal operating conditions the above argument continues to hold true.
b
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by Danny Angus <da...@apache.org>.
> That is exactly my plan....I will place my honeypot server on the
> internet,
> open up port 25, capture all the gory details, and then dump the email to
> null.
But if you do that you won't necessarily get much spam, trust me I've had a number of servers running for a number of years, spam tends to be sent to users. Without users you won't get spam. What you will get will be probing emails which don't give much away.
And if you are an open relay you won't get lots of different kinds of mail, just thousands of copies of the same one.
d.
> From my experience so far, most spammers do not send a test message to see
> if the email is actually making it to the end-recipient.
No, but they do send a probing message to test if your server is an open relay, and they don't "broadcast" mail at every conceivable username on your system. They use harvested lists, or otherwise validated addresses. One good reason for James not to reject mail because a user is unknown is that by subtraction this allows people to harvest good addresses from a mailserver. There are freeware products out there which do this for this purpose.
d.
> Thanks to the availibility of cheap dedicated servers (i.e. ServerBeach,
> Nocster etc), this is a fun and cheap experiment.
Probably more likely to be dull, and make you more enemies than friends.
> Ever wonder how spammers survive? Here is the best article I've read on
> that topic in awhile:
>
> http://www.wired.com/news/infostructure/0,1377,57613,00.html
This article kind of defeats your argumet, suggesting that it is in fact harvested addresses being used.
IMO The only sensible way of dealing with spam is to filter it by content and deny mail from blacklisted relays, even then spam filtering is better carried out at client level, servers can mark spam, but as a false positive is totally unacceptable in most cases it makes sense to delegate the whole task to the client.
d.
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by Tom Pridham <pr...@mindspring.com>.
That is exactly my plan....I will place my honeypot server on the internet,
open up port 25, capture all the gory details, and then dump the email to
null.
>From my experience so far, most spammers do not send a test message to see
if the email is actually making it to the end-recipient.
Thanks to the availibility of cheap dedicated servers (i.e. ServerBeach,
Nocster etc), this is a fun and cheap experiment.
Ever wonder how spammers survive? Here is the best article I've read on
that topic in awhile:
http://www.wired.com/news/infostructure/0,1377,57613,00.html
-----Original Message-----
From: Noel J. Bergman [mailto:noel@devtech.com]
Sent: Monday, February 24, 2003 1:27 PM
To: James Users List
Subject: RE: Spam Honeypot
> i saw the same. however, how is he going to be an 'open relay'
> (to attract spammers) and then be dumping stuff to null?
You don't need to do anything to attract spammers; they just show up. You
don't need to do anything to be probed for being an open relay other than
have an available SMTP port on the internet. Your IP will be probed. I
recently installed a computer on broadband for my uncle. Within 5 minutes
of enabling his computer, the firewall reported the first probes. People
looking for SMTP, MS SQL, and other exploits.
My own firewall tracks in excess of 20 GIGABYTES of probes per month, all
courtesy of Windows machines.
Our public mail server blocks anywhere from a few 100 spams per day to
1500+. They seem to run in waves. The numbers were much higher when we
first started the server, but they seem to have dropped off; perhaps the
spambots are realizing that we aren't productive for them.
In any event, since he isn't actively rejecting them (from their
perspective), they'll assume that he is an open relay. Unlike DNSRBL
scanners, which wait to get a reply.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by "Noel J. Bergman" <no...@devtech.com>.
> i saw the same. however, how is he going to be an 'open relay'
> (to attract spammers) and then be dumping stuff to null?
You don't need to do anything to attract spammers; they just show up. You
don't need to do anything to be probed for being an open relay other than
have an available SMTP port on the internet. Your IP will be probed. I
recently installed a computer on broadband for my uncle. Within 5 minutes
of enabling his computer, the firewall reported the first probes. People
looking for SMTP, MS SQL, and other exploits.
My own firewall tracks in excess of 20 GIGABYTES of probes per month, all
courtesy of Windows machines.
Our public mail server blocks anywhere from a few 100 spams per day to
1500+. They seem to run in waves. The numbers were much higher when we
first started the server, but they seem to have dropped off; perhaps the
spambots are realizing that we aren't productive for them.
In any event, since he isn't actively rejecting them (from their
perspective), they'll assume that he is an open relay. Unlike DNSRBL
scanners, which wait to get a reply.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: Spam Honeypot
Posted by bill parducci <bi...@parducci.net>.
Noel J. Bergman wrote:
> I was going to say that same thing to him. In fact, I had written it in my
> note, but then I saw his comment about sending the mail to null, so I think
> that he knows not to actually be an open relay.
>
> --- Noel
i saw the same. however, how is he going to be an 'open relay' (to attract spammers) and then be dumping stuff to null?
b
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by "Noel J. Bergman" <no...@devtech.com>.
> > I have acquired the domain DeletedSpam.com and plan on
> > deploying a JAMES "Honeypot" server with the relay open.
> Erm no, you'd better not, otherwise it will be *you* adding to the
problem.
I was going to say that same thing to him. In fact, I had written it in my
note, but then I saw his comment about sending the mail to null, so I think
that he knows not to actually be an open relay.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: Spam Honeypot
Posted by Danny Angus <da...@apache.org>.
> As an avid JAMES user I have decided to take up a new battle....the war on
> spam. So here is my plan, I have acquired the domain DeletedSpam.com and
> plan on deploying a JAMES "Honeypot" server with the relay open.
Erm no, you'd better not, otherwise it will be *you* adding to the problem.
d.
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org