You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Anne S <hy...@gmail.com> on 2005/09/14 00:52:23 UTC
Re: Building a SPAM Honeypot with Jakarta James Open Source Mail Server
Believe it or not, I had the same idea in 2003, and I wrote some code to do
that. Basic stuff, like counting the amount of email, saving in text files,
recording the date, etc.
And even more, that's how I got started in James: I was too lazy to write my
own POP3 client, so I used James' fetchpop service to grab mail, then had my
program query it every 5 minutes or so.
I'll send you the source (warning: I haven't touched it since early 2004, so
I don't remember everything it does. Also, I'm going to have to dig into my
archives, so I'm can't promise I'll find it) if you license your finished
product under an open source license.
On 9/13/05, nurularesya ;p <nu...@yahoo.com> wrote:
>
> hello...
> i've a project that build spam honeypot with apache james..
> can i build spam honeypot with apache james?
> can anyone help me..any reference for my project?
> thanks..
>
> regards,
> nurularesya
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
Do spam honeypot will work in apache james?
Posted by "nurularesya ;p" <nu...@yahoo.com>.
do spam honeypot will work in james?how to build
spam honeypot in james?any suggestion? ;p
im really want to know...please help me in this...if it's work...if
there any reference?
thanks,
nurularesya
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Re: Building a SPAM Honeypot with Jakarta James Open Source Mail Server
Posted by "nurularesya ;p" <nu...@yahoo.com>.
im sorry...actually i dont really understand about your architecture...but i still read to understand it...thanks
and my question is do spam honeypot will work in james?how to build spam honeypot in james?any suggestion? ;p
im really want to know...please help me in this...if it's work...if there any reference?
thanks,
nurularesya
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Re: Building a SPAM Honeypot with Jakarta James Open Source Mail Server
Posted by Anne S <hy...@gmail.com>.
OK, here is how I architected it:
I had a shared hosting account with Hostway, accessable via POP3. I created
10 email accounts on my hosting account. I set up James' fetchpop service to
grab the email off the Hostway accounts every 5 minutes. I then set up my
program to query the James server every 5 minutes as well. My program would
collect all of the email from James, sort it, count the emails, do some
simple word searches (e.g. how many emails contained the word "porn",
"mortgage", "free", etc), and save every email in a text file inside a
folder which was date stamped.
So it's basically: (Hostway servers collect email and put it into my
account) -> (James server pulled down the emails via fetchpop) -> (My
program grabs email off of James, sorts the email)
I was going to "sprinkle" the 10 email addresses around the web in highly
selected spots, e.g. one email address would be frequently posted on a forum
used by teenagers, another for adults, techies, etc. But the project just
never got off the ground, even though I had acquired a domain name for it
and the program was essentially done.
Personally, what I really wanted to do is this:
1. Grab a dedicated server or a better shared hosting account, something
that allows a continuous Java thread to run... The shared accounts I could
afford didn't allow me to run a continuous Thread, and demanded $20 extra to
add a JVM. As a poor college student, that's out of the question. The server
I had my eye on was about $79 monthly (free setup, plenty of bandwidth as
well).
2. Set up James. Disable every service except for POP3. Lock it down nice
and tight.
3. Set up a PostgreSQL install. Configure it so it uses plenty of space, and
optimizes writes, not so much reads.
4. In the spoolmanager, delete every Matcher and Mailet pair. Add a single
Matcher/Mailet.
5. Use the Matcher "all", and immediately write all incoming messages into
the database.
6. Every hour/day/week (depending on how many messages you get) a cron job
starts up the email analyzer. This is the custom program I really wanted to
write. Analyze every damn thing about the emails stored in the database.
Figure out how many have SPF, spellcheck the emails, grammarcheck, the
average length of the email, the average length of the word, readability
stats, etc.
I know this sounds hard, but it is really easy. It's just text, and every
email message is a highly structured textfile, making analyzing easy.
7. Put the results into a webpage, put it for the world to see, and clear
the db for the next set of incoming mail.
I actually shopped this idea around my college, trying to get some funding
for a dedicated server from some CS/Engineering slush fund or whatever, but
there wasn't much enthusiasm for the idea. The Student Government wasn't
much help either. Oh well.
IMPORTANT: IF ANYONE finds the above idea interesting, drop me a line. I'd
gladly restart my project if someone/some company would foot the bill for
hosting, or maybe even loaned me a server and bandwidth from their premises.
It would make a great resume builder for me too.
Most of you can tell, I've put plenty of thought into this project already
;-)
As for the code: I should have everything collected, including any help and
ref files I used, by tomorrow. Give me a ring tomorrow evening if I haven't
sent it out.
Thanks, (and sorry about the length of the email. I'm quite prolific when
I'm discussing a project I'm enthusiastic about)
On 9/13/05, nurularesya ;p <nu...@yahoo.com> wrote:
>
> thanks..hopefully you will find the source...and thanks again...
> then do spam honeypot will work in james?any suggestion? ;p
> thanks,
> nurularesya
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
Re: Building a SPAM Honeypot with Jakarta James Open Source Mail Server
Posted by "nurularesya ;p" <nu...@yahoo.com>.
thanks..hopefully you will find the source...and thanks again...
then do spam honeypot will work in james?any suggestion? ;p
thanks,
nurularesya
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com