Jump to content

Trap spammers using fake email and quick reporting


kellogs
 Share

Recommended Posts

Dear friends,

I am the administrator of large forums (+400.000 unique visitors a month) and I finally opened an account of Spamcop. I added 1€ and will add more shortly.

My question is quite simple: do you recommend displaying fake email for spammers on popular web sites. For example, I may print a special message in the footnote of a forum in white over white, asking nobody to answer a message. And forward all spam to a quick reporting address.

Kind regards,

Kellogs

Link to comment
Share on other sites

I don't know that it's particularly recommended (there is no shortage of spam already) but it is quite normal to have spam traps and, with unique addresses never used to send mail, it would be quite safe to quick report hits provided you have your mailhosts properly configured and regularly checked (as noted in the quick reporting reference). You probably wouldn't even need to display them white on white. I have seen a rather well-known anti-spam organization that simply has non-displaying addresses in its page code (along with a similarly hidden warning not to send to them). Just my opinion.

Link to comment
Share on other sites

You probably wouldn't even need to display them white on white. I have seen a rather well-known anti-spam organization that simply has non-displaying addresses in its page code (along with a similarly hidden warning not to send to them). Just my opinion.

Thank you very much for information.

I installed a trap with direct report on two websites: one is 400.000 uniques visitors a month, the other is 70.000 unique visitors.

Link to comment
Share on other sites

white over white, asking nobody to answer a message.

There is a group that is focused on email harvesters that uses similar methods. Their objective is to make the links/email addresses visible only to bots not to live visitors. Links are included in comments, or relocated outside the visible screen, or given no size:

style="position: absolute; top: -250px; left: -250px;"

or

style="height: 0px; width: 0px;"

Link to comment
Share on other sites

I'd advise caution with listing fake email addresses - making sure you don't accidentally include the address of an innocent bystander is probably one of the more important considerations.

Cheers,

"Lisati"

Link to comment
Share on other sites

...I'd advise caution with listing fake email addresses - making sure you don't accidentally include the address of an innocent bystander is probably one of the more important considerations....
Exactly right lisati, thanks for making the point. But what I think the O/P was talking about was more along the lines of spamtrap addresses - http://www.spamcop.net/fom-serve/cache/402.html. These are real secret/unused but functional addresses in the trapper's own domain.

Back to your point, RFC 2606 specifies the basis for the only 'safe' addresses to use as bogus addresses. For instance Netscape used to use "user[at]domain.invalid" as the default anonymous from:/reply-to: address for their newsgroup reader (probably the successor clients like Thunderbird still do that). Anything else, no matter how ludicrous it might seem, other than something using the sanctified RFC 2606 domains/tlds runs the risk of colliding with someone's real address or catch-all.

Link to comment
Share on other sites

I'd advise caution with listing fake email addresses - making sure you don't accidentally include the address of an innocent bystander is probably one of the more important considerations.

I think there may some confusion here. There is a difference between "fake" email addresses and ones used for a spam trap.

In one case you would uses something like NoSpam [at] example.com as an email address on a news board to provide a required email address that will pass format but not result in any spam (or other email) sent to you no matter what. And RFC 2606 does address this.

In the other case the objective is to separate (trap) bots or other email harvesters from other users. One approach is to create (and hide) real addresses for real domains. By hiding these email address as the OP suggested, using white on white, only a bot reading through the web page source code would find, and use, the hidden address. Or only a bot or harvester would be trapped by sending email to the hidden address.

The creation and use of traps, is not quite that simple and the offer from the deputies is good or someone like Project Honey Pot

Link to comment
Share on other sites

<snip>

hiding these email address as the OP suggested, using white on white, only a bot reading through the web page source code would find, and use, the hidden address. Or only a bot or harvester would be trapped by sending email to the hidden address.

<snip>

...To be pedantic (and probably on the wrong side of off-topic :) <g>), a real user using a feature such as IE's View | Source or FireFox's View | Page Source (Ctrl-U) could find the "hidden" e-mail address, as well. Using it would still, in most cases, constitute spamming.
Link to comment
Share on other sites

...a real user using ... could find the "hidden" e-mail address, as well. Using it would still, in most cases, constitute spamming.

which is why I said,

The creation and use of traps, is not quite that simple and the offer from the deputies is good or someone like Project Honey Pot

Wandering even farther OT, Project Honey Pot hides a link to the Honey Pot. The Honey Pot includes all sorts of "fine print" saying don't collect email addresses for here, and hides an email address. There is not much question at that point about any received email being spam (IMHO).

Their objective is really the email harvesters not the spammer. So the email addresses harvested point to the IP of the collector so when an address is used, they know who collected it. So instead of just reporting all the zombies that are sending spam, they go upstream a step to find who is supplying the list of email addresses to the nets of senders.

Just a different answer to the same problem.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...