This is an off topic post from my local LUG list, but pretty interesting. Sort of spells out the dangers of open mail relays. I wonder if spam would be ended instantly if we all set one up... ---------- Forwarded Message ---------- Subject: [plug] [OT] open relay honeypot Date: Fri, 17 Jan 2003 14:41:06 +0800 From: Luke Dudney To: plug@plug.linux.org.au A few weeks ago I set up an smtp open relay honeypot using postfix on the end of my DSL line (set mynetworks to the entire world and disabled the 'smtp' transport). It appears to be an open relay but does not actually deliver the message. It took less than a day to be found by the spammers, and in the last three days usage on it has gone through the roof (559 different hosts connected to it!) The initial connections I got were apparently probes (empty message to a throwaway hotmail/yahoo accounts with my IP as the Subject). I forwarded these on manually to give the spammers false positives. It gives me a good feeling to know that there are 248,977 less spam messages in 241,978 less peoples' inboxes! I wonder how much spam would be stopped if there were a whole lot more similar honeypots on the net. The things I do for fun ;) Luke Grand Totals ------------ messages 190615 received 248977 delivered 0 forwarded 0 deferred 0 bounced 0 rejected 327355k bytes received 614m bytes delivered 118607 senders 4829 sending hosts/domains 241978 recipients 9116 recipient hosts/domains smtpd 3034 connections 559 hosts/domains 651 avg. connect time (seconds) 548:37:48 total connect time Per-Day Traffic Summary date received delivered deferred bounced rejected -------------------------------------------------------------------- Jan 11 2003 537 Jan 12 2003 1441 1197 Jan 13 2003 1446 1441 Jan 14 2003 19183 1447 Jan 15 2003 82460 107321 Jan 16 2003 84455 93365 Jan 17 2003 1093 44206 ------------------------------------------------------- -- Microsoft Palladium: "Where the hell do you think YOU'RE going today?"