* Derek Fountain
This is an off topic post from my local LUG list, but pretty interesting. Sort of spells out the dangers of open mail relays. I wonder if spam would be ended instantly if we all set one up...
---------- Forwarded Message ----------
Subject: [plug] [OT] open relay honeypot Date: Fri, 17 Jan 2003 14:41:06 +0800 From: Luke Dudney
To: plug@plug.linux.org.au A few weeks ago I set up an smtp open relay honeypot using postfix on the end of my DSL line (set mynetworks to the entire world and disabled the 'smtp' transport). It appears to be an open relay but does not actually deliver the message. It took less than a day to be found by the spammers, and in the last three days usage on it has gone through the roof (559 different hosts connected to it!) The initial connections I got were apparently probes (empty message to a throwaway hotmail/yahoo accounts with my IP as the Subject). I forwarded these on manually to give the spammers false positives.
It gives me a good feeling to know that there are 248,977 less spam messages in 241,978 less peoples' inboxes! I wonder how much spam would be stopped if there were a whole lot more similar honeypots on the net. ....chop....chop....
A good feeling and a few minutes of the spammer's line time is probably all you gained besides the increased traffic on the net. Reporting this traffic to the origin's host ISP would have been gain, where you possible caused the spammer to loose his account, or at least made him get a new account. -- Patrick Shanahan http://wahoo.no-ip.org Registered Linux User #207535 icq#173753138 @ http://counter.li.org