tags:

views:

880

answers:

21
+4  Q: 

Brainstorm: How to quickly create a honeypot for mass spam?

Question is still OPEN...

For IT people here it may be not so difficult question. May be not only at first look ;) All ideas are welcome!

For startup Antispam project it is needed around 10000 spam mails per day and more. And also (for shingle algorithms) we need six and more modified mails for the same spam letter.

Please, if you have an idea, simple write what you think! Аnything good and not so good, at first look, ideas. It will be brainstorm!

Thanks forward for all replies!!

PS. Also a big thanks to Joel Spolsky and Jeff Atwood for the site, uniting advanced IT peoples in one internet place! it is a really the best site where it is possible to start such topic.

We need around 10000 spam mails per day and more (100 000, 1 000 000)!! It is must be industrial scale honeypot creating technology!

Please, think in INDUSTRIAL AMOUNTS!! The solution must be easy to SCALE!

+6  A: 

Well getting your email address on google is a very quick way to get a bunch of spam as I sadly found out. I had it in clear text on one site and that was enough to have it crawled by the spammers. I guess my address circles around on their lists now since the amount of spam slowly increases.

There are free archives with spam too, many of which can be found in the link section at http://www.annexia.org/spam/.

Skurmedel  2009-05-21 10:08:06
thanks, we will check the archiveplacing the e-mail on the web-site is a direct way to spam, but in differ of PR of the site, it can create around 1000 or 2000 mails per day
Omega  2009-05-21 10:16:33
+2  A: 

This may sound like a contrived answer, but signing yourself up to a Job website (with a really amazing, but fake CV / Resume) will get you a fair amount of spam per day.

Post an email on lots of forums, newsgroups and make a few blog pages with it on. Leave to settle for 1 month, then watch those generous Nigerian princes fill your inbox.

Chris S  2009-05-21 10:16:26
it is an idea, thankswe founded that 1 people can make 7-8 forum registrations per day2 working people makes registrations during a week and now we have 70-80 mails per day
Omega  2009-05-21 10:19:39
+3  A: 

Back in the day I got a lot of spam emails for a similar purpose by posting with the email address to a bunch of usenet groups to do with marketing, business, images etc. But then I doubt any spammers bother with usenet anymore.

The other thing to have is patience, once your email gets on a list spammers need to buy it. This might take a month, and spam received will grow for a while as it gets distributed.

Another thing to do is end up with the email address on a mail folder an insecure Windows machine, and wait for it to end up as part of a botnet.

Nick Fortescue  2009-05-21 10:34:05
botnet is a super-idea! what is a question - is how to infect machine? (we don't whant to simple "wait.." :)
Omega  2009-05-21 10:41:38
I really don't think you'd have to wait too long. If you were impatient then you could contact someone at the honeynet project http://www.honeynet.org/ and ask for advice - I've got a friend who does stuff with them and they are helpful
Nick Fortescue  2009-05-21 10:46:17
The usenet still gets crawled for spam-emails.
Nils Pipenbrinck  2009-05-21 13:18:21
+4  A: 
  • Sign up to dodgy web sites (porno etc). If they belong to dodgy top-level domains, even better.
  • Put your email as clear text on web-pages. The crawlers will do the rest of the job.

Edit: When I say "dodgy" top-level domain, I mean from countries that don't have anti-spam laws (eg Nigeria)

idrosid  2009-05-21 10:37:01
yes it is seem to be a classical way, but it is a lot of manual work! we need around 30 people! thay must sign up every day! and they must work about 2 years for getting this spam level...
Omega  2009-05-21 10:44:07
+3  A: 

For that volume you might want to launch a webmail startup and give away email accounts. You're guaranteed to get access to tonloads of spam, but all in your users' name. If you'll be processing the spam with automated tools you might be in the clear privacy-wise (Disclaimer: I Am Not A Lawyer!) but you should be explicit on your terms of service anyway.

The key to get people registering is to provide a useful service: e.g. a throwaway email address service for those pesky "registration required" web sites.

codehead  2009-05-21 10:38:09
this is one else not so bad idea! all problem is a time - i think that it will be one year or more when the site becomes popular enoght for a required mail level
Omega  2009-05-21 10:46:14
+3  A: 

To start with, post your email id here.

Alterlife  2009-05-21 10:39:33
*THUMB UP*:)))))
Omega  2009-05-21 10:50:06
+6  A: 

10,000 a day? Easy, I'll just send you what I get.

Seriously though register a bunch of domains on a cheap registrar and use a catchall address *@domain to grab email to any user (whether they exist in the system or not). Many spammers hit domains with a list of common account names: 'info', 'sales', 'webmaster', etc..

SpliFF  2009-05-21 10:44:59
Yeah, using a catchall address for a domain will get a lot of mail fast.
Tchalvak  2009-11-20 19:01:56
+1  A: 

Use Outlook.

Your contact list will be stolen soon enough.

SpliFF  2009-05-21 10:46:07
ok, but how to scale this idea? In a company? We can't simple create a machine with Outlook and mails and the just WAIT... It is needed some algorithm for got virus/mail worm/trojan :)
Omega  2009-05-21 16:20:15
+4  A: 

Many of the spam emails have "unsubscribe" link. I am pretty sure that if you follow it and enter your email address you will be bombarded with tons of new emails.

Especially since you bothered to read the spam email, you are probably a great target for more

kristof  2009-05-21 10:51:24
I unsubscribed from many spam like that and never found an increase of spam, quite the contrary, most of them would really unsubsribe me.
Bluebird75  2009-05-21 11:17:13
@Bluebird75 - I must say that this is surprising. I would personally never trust the unsubscribe link in spam, especially if it is asking for my email.
kristof  2009-05-21 13:06:34
+3  A: 

Set up a fake Exchange server and put it on the net with no service packs. Someone is bound to come along and hack it for the account list.

This may seem like a complex and far-fetched approach but ironically I worked at an ISP where this actually happened (and I'm still getting spam from it after 6 years)!!

SpliFF  2009-05-21 10:53:16
why not? it is not so difficult. But network activity in the network must be real, you mean?
Omega  2009-05-21 16:07:49
Huh? You don't have to really be an ISP for this to happen. Unpatched Windows machines on the Internet are like cars parked in Compton - they get ransacked for accounts and passwords in seconds flat. I've seen machines get hacked while still downloading from Windows Update.
SpliFF  2009-05-21 16:37:08
+3  A: 

Actually order some Viagra.

SpliFF  2009-05-21 10:54:19
+2  A: 

Post your email address on here, I can auto-forward all of my spam to you.

ck  2009-05-21 10:58:17
thanks :) but we need a real-time spam traffic, not old or forwarded spams
Omega  2009-05-21 16:08:49
@Omega - no I can auto-forward spam as it arrives and is identified as spam. This means you are likely to receive a greater variety than by setting up a honeypot.
ck  2009-05-22 07:03:03
+3  A: 

I guess the average for an email address is about 20 per day, so perhaps you can post a fairly long list of emails in a Google group. I imagine they will all be picked up by spammers.

Remou  2009-05-21 11:03:07
Google group is a resounded idea. Does spammer like all groups or some special thematic?
Omega  2009-05-21 16:10:38
Remou  2009-05-21 16:36:10
+1  A: 

One word. Usenet.

The birthplace of Spam.

SpliFF  2009-05-21 16:30:31
+2  A: 

You haven't specified if you're prepared to pay or offer services in return for large volumes of SPAM. If so you'll probably find ISPs willing to forward you spam caught by their networks. I know an ISP owner who bounces SPAM from all his corporate Sophos installations back to Sophos themselves. We're talking about 10's of thousands or more SPAM emails a week. The money might overcome concerns of leakage of sensitive emails, particularly if you sign some boilerplate non-disclosure and data handling agreements (basically agree not to allow anyone outside of your company to read the messages you get, that sort of thing).

SpliFF  2009-05-21 16:45:04
+1  A: 

Spamers trade and sell e-mails, once you're on one list, you'll eventually be on all the lists. Also responding to spam e-mails is pretty much guaranteed to make you spread even faster as it lets the spammers know you're a "live" account who's also gullible enough to reply to spam. Since you're looking for something scalable you might even be able to concoct some sort of automated reply system which could be as simple as "I received this message from you and am interested in more details, could you please get back to me with further information?" which would probably be enough to interest the scammers, although it wouldn't do anything with the bot-net spam (as that mostly just uses e-mail as an infection vector or redirects you to website that does the same).

Orclev  2009-05-21 16:56:33
+1  A: 

Ask Mailinator or Project Honeypot to share with you.

porneL  2009-06-19 23:05:47
+1  A: 

Sign up for some free porn. ;-)

Only half joking here.

Dana Holt  2009-06-19 23:09:39
A: 

Another way would be to download some huge spam bulks, fetch all the email address of the senders and reply to all of them. I'm not sure how efficient it would be, but I'm sure that's a good way to get indexed in their databases. If anyone knows where it's possible to download?, I found a few on this website: http://www.annexia.org/spam/

mnml  2009-08-15 21:03:09
A: 

Surely this should be related to the server it is being sent to / from

WASSA  2009-11-18 12:30:30
+1  A: 

sign yourself up at some 419 antiscammer forums

normal user  2010-01-02 13:35:54

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security