From: Charles Swiger
Date: Fri, 23 Dec 2005 13:19:03 -0500
To: Gerard Seibert
Cc: FreeBSD Questions
Subject: Re: SPAM Trap

On Dec 23, 2005, at 12:12 PM, Gerard Seibert wrote:
> I have been reading about SPAM Traps. Exactly what is a SPAM Trap?
> I noticed that it seems to be used in conjunction with blacklisting
> organizations.
>
> How would one go about setting up one?

The simplest case is to set up some email addresses on a website which
point to a machine with no valid users, and then pay attention to any
incoming mail and blacklist that traffic, ie, add the IP addresses of
sending machines to a deny list like the access map, or feed the
contents of such mail into SpamAssassin or other such tools which
perform Bayesian text recognition.

Recently I'd written a Python program to generate such pages to try
and pollute spam databases, which also helps against critters who scan
websites and then launch dictionary attacks against user accounts via
SSH and so forth.

It's here:

  http://www.pkix.net/~chuck/strychnine.py

...and can be seen in operation here:

  http://www.pkix.net/foo.asp

[ Or any URL that doesn't refer to a valid document, for that matter. :-) ]

-- 
-Chuck
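
Added example, not part of the original message and not taken from strychnine.py: a sketch of the "watch the trap addresses and add the senders to the access map" step described above. The trap addresses, the allowlisted network and the Postfix-style smtpd log lines are all constructed for illustration, and only IPv4 clients are handled.

```python
import ipaddress
import re
from collections import Counter

# Constructed for this example: trap addresses published only on a web page,
# a local allowlist, and the Postfix-style smtpd log lines in SAMPLE_LOG.
TRAPS = {"bait1@trap.example.org", "bait2@trap.example.org"}
ALLOW = [ipaddress.ip_network("192.0.2.0/24")]  # own relays, never listed

RCPT_RE = re.compile(
    r"RCPT from \S*\[(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\]:.*\bto=<(?P<rcpt>[^>]*)>"
)

SAMPLE_LOG = """\
Dec 23 13:01:02 mx postfix/smtpd[811]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 550 <bait1@trap.example.org>: User unknown; from=<a@spam.example> to=<bait1@trap.example.org> proto=SMTP helo=<x>
Dec 23 13:01:09 mx postfix/smtpd[811]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 550 <BAIT2@Trap.Example.Org>: User unknown; from=<a@spam.example> to=<BAIT2@Trap.Example.Org> proto=SMTP helo=<x>
Dec 23 13:04:40 mx postfix/smtpd[812]: NOQUEUE: reject: RCPT from mail.example.net[198.51.100.23]: 550 <postmaster@trap.example.org>: User unknown; from=<b@example.net> to=<postmaster@trap.example.org> proto=ESMTP helo=<mail.example.net>
Dec 23 13:06:11 mx postfix/smtpd[813]: NOQUEUE: reject: RCPT from probe.example.org[192.0.2.10]: 550 <bait1@trap.example.org>: User unknown; from=<monitor@example.org> to=<bait1@trap.example.org> proto=ESMTP helo=<probe.example.org>
Dec 23 13:08:30 mx postfix/smtpd[814]: NOQUEUE: reject: RCPT from unknown[198.51.100.99]: 550 <bait2@trap.example.org>: User unknown; from=<> to=<bait2@trap.example.org> proto=SMTP helo=<y>
Dec 23 13:09:00 mx postfix/smtpd[815]: connect from unknown[203.0.113.50]
"""

def trap_hits(log_text, traps=TRAPS, allow=ALLOW):
    """Count delivery attempts to trap addresses per sending IPv4 address."""
    traps = {t.lower() for t in traps}  # compare recipients case-insensitively
    hits = Counter()
    for line in log_text.splitlines():
        m = RCPT_RE.search(line)
        if not m or m.group("rcpt").lower() not in traps:
            continue  # not an RCPT line, or an ordinary (non-trap) recipient
        try:
            ip = ipaddress.ip_address(m.group("ip"))
        except ValueError:  # damaged line, e.g. an octet above 255
            continue
        if any(ip in net for net in allow):
            continue  # never deny-list our own infrastructure
        hits[str(ip)] += 1
    return hits

def access_map(hits, min_hits=1):
    """Render senders with at least min_hits as 'address<TAB>REJECT' lines."""
    rows = sorted((ip for ip, n in hits.items() if n >= min_hits),
                  key=ipaddress.ip_address)
    return "".join(f"{ip}\tREJECT\n" for ip in rows)

if __name__ == "__main__":
    print(access_map(trap_hits(SAMPLE_LOG)), end="")
```

Raising `min_hits` trades coverage for fewer listings caused by a single stray message; the allowlist keeps monitoring probes and local relays out of the deny list.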