views:

880

answers:

21

Question is still OPEN...

For IT people here it may be not so difficult question. May be not only at first look ;) All ideas are welcome!

For startup Antispam project it is needed around 10000 spam mails per day and more. And also (for shingle algorithms) we need six and more modified mails for the same spam letter.

Please, if you have an idea, simple write what you think! Аnything good and not so good, at first look, ideas. It will be brainstorm!

Thanks forward for all replies!!

PS. Also a big thanks to Joel Spolsky and Jeff Atwood for the site, uniting advanced IT peoples in one internet place! it is a really the best site where it is possible to start such topic.

We need around 10000 spam mails per day and more (100 000, 1 000 000)!! It is must be industrial scale honeypot creating technology!

Please, think in INDUSTRIAL AMOUNTS!! The solution must be easy to SCALE!

+6  A: 

Well getting your email address on google is a very quick way to get a bunch of spam as I sadly found out. I had it in clear text on one site and that was enough to have it crawled by the spammers. I guess my address circles around on their lists now since the amount of spam slowly increases.

There are free archives with spam too, many of which can be found in the link section at http://www.annexia.org/spam/.

Skurmedel
thanks, we will check the archiveplacing the e-mail on the web-site is a direct way to spam, but in differ of PR of the site, it can create around 1000 or 2000 mails per day
Omega
+2  A: 

This may sound like a contrived answer, but signing yourself up to a Job website (with a really amazing, but fake CV / Resume) will get you a fair amount of spam per day.

Post an email on lots of forums, newsgroups and make a few blog pages with it on. Leave to settle for 1 month, then watch those generous Nigerian princes fill your inbox.

Chris S
it is an idea, thankswe founded that 1 people can make 7-8 forum registrations per day2 working people makes registrations during a week and now we have 70-80 mails per day
Omega
+3  A: 

Back in the day I got a lot of spam emails for a similar purpose by posting with the email address to a bunch of usenet groups to do with marketing, business, images etc. But then I doubt any spammers bother with usenet anymore.

The other thing to have is patience, once your email gets on a list spammers need to buy it. This might take a month, and spam received will grow for a while as it gets distributed.

Another thing to do is end up with the email address on a mail folder an insecure Windows machine, and wait for it to end up as part of a botnet.

Nick Fortescue
botnet is a super-idea! what is a question - is how to infect machine? (we don't whant to simple "wait.." :)
Omega
I really don't think you'd have to wait too long. If you were impatient then you could contact someone at the honeynet project http://www.honeynet.org/ and ask for advice - I've got a friend who does stuff with them and they are helpful
Nick Fortescue
The usenet still gets crawled for spam-emails.
Nils Pipenbrinck
+4  A: 
  • Sign up to dodgy web sites (porno etc). If they belong to dodgy top-level domains, even better.
  • Put your email as clear text on web-pages. The crawlers will do the rest of the job.

Edit: When I say "dodgy" top-level domain, I mean from countries that don't have anti-spam laws (eg Nigeria)

idrosid
yes it is seem to be a classical way, but it is a lot of manual work! we need around 30 people! thay must sign up every day! and they must work about 2 years for getting this spam level...
Omega
+3  A: 

For that volume you might want to launch a webmail startup and give away email accounts. You're guaranteed to get access to tonloads of spam, but all in your users' name. If you'll be processing the spam with automated tools you might be in the clear privacy-wise (Disclaimer: I Am Not A Lawyer!) but you should be explicit on your terms of service anyway.

The key to get people registering is to provide a useful service: e.g. a throwaway email address service for those pesky "registration required" web sites.

codehead
this is one else not so bad idea! all problem is a time - i think that it will be one year or more when the site becomes popular enoght for a required mail level
Omega
+3  A: 

To start with, post your email id here.

Alterlife
*THUMB UP*:)))))
Omega
+6  A: 

10,000 a day? Easy, I'll just send you what I get.

Seriously though register a bunch of domains on a cheap registrar and use a catchall address *@domain to grab email to any user (whether they exist in the system or not). Many spammers hit domains with a list of common account names: 'info', 'sales', 'webmaster', etc..

SpliFF
Yeah, using a catchall address for a domain will get a lot of mail fast.
Tchalvak
+1  A: 

Use Outlook.

Your contact list will be stolen soon enough.

SpliFF
ok, but how to scale this idea? In a company? We can't simple create a machine with Outlook and mails and the just WAIT... It is needed some algorithm for got virus/mail worm/trojan :)
Omega
+4  A: 

Many of the spam emails have "unsubscribe" link. I am pretty sure that if you follow it and enter your email address you will be bombarded with tons of new emails.

Especially since you bothered to read the spam email, you are probably a great target for more

kristof
I unsubscribed from many spam like that and never found an increase of spam, quite the contrary, most of them would really unsubsribe me.
Bluebird75
@Bluebird75 - I must say that this is surprising. I would personally never trust the unsubscribe link in spam, especially if it is asking for my email.
kristof
+3  A: 

Set up a fake Exchange server and put it on the net with no service packs. Someone is bound to come along and hack it for the account list.

This may seem like a complex and far-fetched approach but ironically I worked at an ISP where this actually happened (and I'm still getting spam from it after 6 years)!!

SpliFF
why not? it is not so difficult. But network activity in the network must be real, you mean?
Omega
Huh? You don't have to really be an ISP for this to happen. Unpatched Windows machines on the Internet are like cars parked in Compton - they get ransacked for accounts and passwords in seconds flat. I've seen machines get hacked while still downloading from Windows Update.
SpliFF
+3  A: 

Actually order some Viagra.

SpliFF
+2  A: 

Post your email address on here, I can auto-forward all of my spam to you.

ck
thanks :) but we need a real-time spam traffic, not old or forwarded spams
Omega
@Omega - no I can auto-forward spam as it arrives and is identified as spam. This means you are likely to receive a greater variety than by setting up a honeypot.
ck
+3  A: 

I guess the average for an email address is about 20 per day, so perhaps you can post a fairly long list of emails in a Google group. I imagine they will all be picked up by spammers.

Remou
Google group is a resounded idea. Does spammer like all groups or some special thematic?
Omega
Remou
+1  A: 

One word. Usenet.

The birthplace of Spam.

SpliFF
+2  A: 

You haven't specified if you're prepared to pay or offer services in return for large volumes of SPAM. If so you'll probably find ISPs willing to forward you spam caught by their networks. I know an ISP owner who bounces SPAM from all his corporate Sophos installations back to Sophos themselves. We're talking about 10's of thousands or more SPAM emails a week. The money might overcome concerns of leakage of sensitive emails, particularly if you sign some boilerplate non-disclosure and data handling agreements (basically agree not to allow anyone outside of your company to read the messages you get, that sort of thing).

SpliFF
+1  A: 

Spamers trade and sell e-mails, once you're on one list, you'll eventually be on all the lists. Also responding to spam e-mails is pretty much guaranteed to make you spread even faster as it lets the spammers know you're a "live" account who's also gullible enough to reply to spam. Since you're looking for something scalable you might even be able to concoct some sort of automated reply system which could be as simple as "I received this message from you and am interested in more details, could you please get back to me with further information?" which would probably be enough to interest the scammers, although it wouldn't do anything with the bot-net spam (as that mostly just uses e-mail as an infection vector or redirects you to website that does the same).

Orclev
+1  A: 

Ask Mailinator or Project Honeypot to share with you.

porneL
+1  A: 

Sign up for some free porn. ;-)

Only half joking here.

Dana Holt
A: 

Another way would be to download some huge spam bulks, fetch all the email address of the senders and reply to all of them. I'm not sure how efficient it would be, but I'm sure that's a good way to get indexed in their databases. If anyone knows where it's possible to download?, I found a few on this website: http://www.annexia.org/spam/

mnml
A: 

Surely this should be related to the server it is being sent to / from

WASSA
+1  A: 

sign yourself up at some 419 antiscammer forums

normal user