« Anti-Spam Appliances (2) | Home | Anti-Spam Appliances - Astaro Security Gateway »
Anti-spam technique (12)
By admin | June 9, 2007
List poisoning
This is poisoning a spammer’s mailing list with spamtraps or invalid email addresses has been a method employed in attempts to thwart spammers.
Once a mailing list has been poisoned with a number of invalid e-mail addresses, the resources required to send a message to this list has increased, even though the number of valid recipients has not. If one can poison a spammer’s mailing list, one can force the spammer to exhaust more resources to send e-mail, in theory costing the spammer money and time.
Poisoning spammer’s mailing lists is usually done by posting invalid email addresses in a Usenet forum or on a web page, where spammers are believed to harvest email addresses for their mailing lists. If using a dynamically generated web site for poisoning, the web site could link to itself infinitely, theoretically causing a spammer’s mailing list to be substantially poisoned.
Vulnerabilities
- Syntactically invalid email addresses used to poison a mailing list could be easily filtered out by the spammers, while using email addresses that are syntactically correct could cause problems for the mail server responsible for the email address.
- Implementations of spam poisoning systems can be avoided, if spammers learn of their location.
- Spammers often steal resources so that the efficiency of a mailing places little financial burden on the spammer.
A spamtrap is a honeypot used to collect spam.
Spamtraps are usually e-mail addresses that are created not for communication, but rather to lure spam. In order to prevent legitimate email from being invited, the e-mail address will typically only be published in a location hidden from view such that an automated e-mail address harvester (used by spammers) can find the email address, but no sender would be encouraged to send messages to the email address for any legitimate purpose. Since no e-mail is solicited by the owner of this spamtrap e-mail address, any e-mail messages sent to this address are immediately considered unsolicited.
The term is composed of the common words “spam” and “trap”, because a spam analyst will lay out spamtraps to catch wild spam in the same way that a fur trapper lays out traps to catch wild animals. Who originally coined this term is unknown, but several competing anti-spam organizations claim trademark over it.
Spamtraps are, by some, considered controversial due to the problems with backscatter of e-mail into the spamtraps. Because many spammers forge the e-mail address of the sender, often based on the same list of e-email address that they send spam to, anyone who sends e-mail back to the claimed “sender” of the spam may be sending to the spamtraps. Many mail servers will do their spam filtering after they have completely accepted e-mail and send bounce messages back when the e-mail is rejected, which can cause backscatter. Instead, these mail servers should reject the e-mail during the sending process, which doesn’t generate backscatter. Some e-mail marketers and mail list administrators do not use the confirmed opt in method to add new users to their mailing list and risk having the list of subscribers becoming poisoned with the spamtraps. Sometimes when a malicious person (a spammer, a competitor, an angry customer, etc.) discovers a spamtrap, they will sign up for a newsletter to poison it. Supporters of spamtraps do not consider list poisoning to be a major concern as most spamtrap administrators view all backscatter to be a problem, whether it is sent to a spam trap, or to an innocent victim who had their e-mail address forged.
…to be continued…
Sources: en.wikipedia.org…AntiSpam,
en.wikipedia.org…List_poisoning, en.wikipedia.org…Spamtrap
Topics: Computers & Software |