:: Friday, January 14, 2005 ::
Die, Spam! Die!
El Reg reports on a new technique to trap spammers.
The script automatically generates bogus web pages (like this) that contain a control email address for the robot to collect. Project Honeypot both records the robot's IP address, the date and time the bogus web page is downloaded, and also receives any email sent to the control email address. The control email addresses are unique, so the Project can positively correlate a robot's IP address and time-stamp with any spam sent to the control email addresses. The end result: Wendland was able to identify the illicit harvester, an ostensibly legitimate marketing company.
By identifying illicit harvesters, Project Honeypot opens up a new front in the war on spam. Webmasters can now identify and block robots that harvest email addresses from their websites. Indeed, because the Project collects participants' data and publishes a list of IP addresses associated with spam harvesters, webmasters and ISPs can block all the harvesting robots identified through Project Honeypot.
Moreover, once harvesters have been identified, they can be prosecuted and sued under the CAN SPAM Act of 2004. And the states have their own anti-spam statutes, whose penalties as seen recently can be quite severe.
This won't solve the problem, but hopefully it'll reduce it. There's still the randomly generated spam, which I know of because my gmail account isn't listed anywhere and it still gets spam. The battle must go on, though.
:: The Squire 9:14 PM :: email this post :: ::