PreshBlog

Project Honey Pot – catch the spammers

by on May.02, 2007, under Information Security

I joined Project Honey Pot today. It’s an interesting project using Honey Pots to detect email address harvesters.

I’ve set up a couple of honey pots to help out, and donated several MX records (it’s easy, just create a sub-domain MX record pointed to their server.

Project Honey Pot is a distributed system for identifying spammers and the spambots they use to scrape addresses from your website. By recording each spamtrap address they hand out, and watching for any spam received at that address, it allows them to determine when the address was harvested, by which IP address and user-agent, and where the spam was from.

So what can you do to help?

Head on over and sign up for your free account with Project Honey Pot, then:

Donate MX records

In order to provide plenty of legitimate-looking honeypot spamtrap addresses, they need to use a wide variety of domains. Therefore, you can help by adding an MX record to your domain, to delegate all mail for a new subdomain to their server. (Don’t use something obviously like ‘honeypot’ or ‘trap’ – use something real-sounding, so that it’s not obviously a trap. If everyone sets up sub-domains like honeypot.example.com, then spammers will just get clever and ignore any email address containing ‘honeypot’.

If you have a spare domain you’re not using for email, you can even send all mail for the domain to them – it’ll be helpful for them to have some “top-level” addresses as well as sub-domains.

Host a honey pot

Select the scripting language you’d like (from a fairly wide choice, including Perl, PHP, ASP, Coldfusion, Python and a couple of others) and you’ll get a ZIP file containing your custom honeypot. Drop the single script file somewhere in your webspace, then point your browser at it, and click the link to confirm its location, and it’ll be active… it’s that simple.

Oh, and simply for the sake of any email harvesters following links from my blog, my tasty honeypot page is over here.

Create a QuickLink

If you don’t have a website with scripting support to install a honey pot, you can just link to someone else’s honey pot – creating a quick link will help push email harvesters to other people’s honey pots, helping to gather valuable information.

I hope you’ll help out – the more people taking part, the more effective the project will be.


Leave a Reply

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!