Jump to content

Jackpot fake SMTP server / teergrube / honeypot...


HillsCap
 Share

Recommended Posts

The Jackpot software looks great...if only I were able to run it.

As is, I am located behind a firewall at a major university which I suppose will get in the way of the honeypot. Question for anyone: do I need to get cable internet in order to get in on the Jackpot action? (Yep, I'm a total n00b).

I have been using spam Vampire for quite a while now, mainly against the spamvertised domains run by Global Entertainment Solutions (ad-eliminator and U.S. visa lottery scams) and some of those mortgage spammers flaunting the big juicy jpegs.

Thanks to anyone who can supply a basic answer to what type of connectivity is needed to make a honeypot work productively.

-Carl

Link to comment
Share on other sites

The Jackpot software looks great...if only I were able to run it. 

As is, I am located behind a firewall at a major university which I suppose will get in the way of the honeypot.  Question for anyone: do I need to get cable internet in order to get in on the Jackpot action?  (Yep, I'm a total n00b).

I think you might be able to get a DynDNS account to set up JackPot, if you're on a dynamic IP address, but I'm not sure. You'd have to just give it a try and see if it works.

As for whether your IP address will get added to the open proxy / open relay lists... that's the idea. That's the fastest way to attract the spammers. Since most people don't (aren't allowed to) do direct-to-MX mailing from their own computer, it won't matter if your IP address is on those lists, since the mail server of your ISP should still be clean, allowing you to send mail without problems.

That's how I attracted the spammers to my JackPot... it sat idle for quite a while, so I submitted it to the open relay testing websites to get it listed. After that, the spammers showed up in droves. I've had them try to relay as many as 1,100,000 spams in a day.

Link to comment
Share on other sites

Very interesting and useful reading here.

Another bit of good news... I just talked with an FTC representative, and we're looking into setting it up so the FTC can check the JackPot logs and use them as evidence against spammers.

8617[/snapback]

I'm wondering if anything came of this. It seems like a great way to add resources to their arsenal - from knowledgeable users who can help - without taxing resources the FTC probably can’t spare.

The reason I’m asking is that I have a buddy at the CA Dept. of Justice who might be interested in this topic - and in picking a few brains here. They’ve been helping investigate an attack that shut me down a while back - and they’ve been a little gloomy since that lame federal “Can spam” thing pretty much trumped California’s much tougher SB 186.

Link to comment
Share on other sites

  • 1 year later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...