|
Honeypots
mailing list archives
Re: Honey email address?
From: Javier Fernandez-Sanguino <jfernandez () germinus com>
Date: Tue, 21 Mar 2006 14:57:40 +0100
Chris Norton wrote:
Hello,
I am trying to think of a way to setup an email address sort of like a
honeypot, which I do run a few, to attract emails such as phishing, new
Mass mailing worms/viruses and would like some input on the best way of
doing this. I would think it would consist of doing something such as
posting the email address to a lot of places on the internet but what
would be the best way to go about this? Any help or ideas would be
great.
From my experience:
1.- register a domain
2.- setup a box that listens as MX record for that domain and create
valid e-mail boxes in it. My setup is based on a free OS + free software
for the MTA, POP3 and IMAP servers all in a tiny Vmware image that can
easily be replicated and switched to a different domain.
3.- use the e-mail addresses to:
- post to mailing lists (such as this one)
- post to web forums
- reply to spam e-mail
- send information requests through web forms
(....)
4.- wait for spam
5.- PROFIT! (well, not really)
You could also use the e-mail addresses for "unsubscribing" links based
on spam e-mails however, however, from my experience:
- spammers will not spam e-mail addresses sent to unsubscription forms
that were not registered previously
- spam now uses non-evident unsubscription links (e-mail addresses are
ofuscated through hashes) so it's not that easy to try to add yours in
Hope that helps
Regards
Javier
 By Date 
By Thread
Current thread:
|
Intro
