You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by "pegpe@irt.kth.se" <pe...@irt.kth.se> on 2013/06/11 07:51:30 UTC

Ang.: Interesting Spam Trap Idea - Fake Authentication

How about redirecting known bots with nat/iptables to a spamtrap to collect the data.

If a botnetspammer would belive that your mailserver is a spamtrap and back off, who would complain?

----- Reply message -----
Från: "Dave Warren" <da...@hireahit.com>
Till: <us...@spamassassin.apache.org>
Rubrik: Interesting Spam Trap Idea - Fake Authentication
Datum: tis, jun 11, 2013 06:30

On 2013-06-10 20:27, Marc Perkel wrote:
> I'm not sure. I'm wondering if they use automation and maybe it's not 
> so smart. I don't think there is "a guy" typing passwords. 

Perhaps only accepting the first password for any particular account 
from a single IP, and rejecting different password attempts from that 
same IP would do the trick?

I doubt it's "a guy", but it wouldn't surprise me if the botnet that 
performs the dictionary attack  forwards the results off to "a guy" to 
confirm that the account works.

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren