 Is the Honey Pot having an impact?
Author: V.Pylon   (11 Jun 06 1:20am)
I would like to know what the current status of the project is. Is there an application I can use that will allow me to block emails based on the information collected by this project yet? I am just curious.

Thank you,

 Re: Is the Honey Pot having an impact?
Author: S.Stewart   (20 Jul 06 7:30pm)
I'll bump this up rather than start a new thread.

I'm also curious as to the state of things. I've been running the cgi for some time now, and have issued 273 addresses that generated 87 spam emails. Not meaning to complain (and I'll keep running it for the time being), but is the project ever going to come out of beta and accomplish something? I can find no info on the site regarding anything having been done with the gathered data yet. I'm hopeful that this is more than just an academic exercise. If you have any news for us of at least one spammer being affected, I'm sure we'd all love to hear about it.

 Re: Is the Honey Pot having an impact?
Author: M.Prince   (21 Jul 06 5:21pm)
Yeah, we're starting to get some traction. It takes time to get a critical mass of spam trap email addresses in circulation to start to get enough data to do some good. We always thought that critical number was 1M spam traps. We just crossed that threshold about a month ago. Now the fun starts.

Over the next few months we're making some fairly extensive upgrades to the Project technical systems. We just transitioned from a data center and some servers that were literally smoking to a new location with a lot more resources. With these resources now in place, you'll see new features go online on the website over time. We've partnered with folks like John Graham-Cumming (the author of POPFile) to use a Bayesian classifier to begin to automatically classify the spam we receive into different buckets (spam vs. phishing; products vs. porn vs. pills vs. mortgages vs. whatever....). One thing that a number of people have also asked for is a way to search and see if an IP is in our database. Look for that feature being turned on in the next week or so.

At the same time, and somewhat quietly, we've begun to share our data with anti-spam companies. These companies are using the spam feed in order to make filters better. We like to stay quiet about who we share the data with in part because we want the data to stay as clean as possible. Filter and sender reputation companies tell us that the feed coming off the Project is one of the cleanest they see. It's also wicked fast. Being able to turn around a message within seconds of it being sent to a spam trap means that a spammer's campaign can often be shut down shortly after it has started.

We're still hopeful that the data can be used for a legal prosecution. Microsoft has made some noise about going after someone for violating the harvesting provisions of CAN-SPAM. We've partnered with the Internet Law Group, which represents AOL and some other big clients, and they use our data to go after bad guys. The legal system moves slowly, and there are some ways in which our data is being useful that we cannot always talk about, but we're definitely doing some good. I continue to speak at conferences and to law enforcement officials about how seeing the complete spam economy can help with prosecutions. Over time I'm confident this message will sink in.

Finally, we've talked for some time about creating some services of our own, such as the HTTP:BL. That would allow webmasters to stop known harvesters from accessing their site. With our recent move to a new datacenter, and some other projects around Unspam winding up their technical portion, I think we finally have the resources to make these things happen. We think the next few months at Project Honey Pot will be really exciting. Keep watching these pages!


Post Edited (23 Jul 06 8:34pm)
 Re: Is the Honey Pot having an impact?
Author: S.Stewart   (23 Jul 06 4:26pm)
Many thanks for that, Matthew - it answered all of my questions, and more.

Keep up the good work; I'm looking forward to future developments. I can't begin to tell you how much Spammers p*ss me off. Lately, they're getting very good at bypassing my Thunderbird adaptive-filter, and SpamAssassin, using embedded pics and random text, and totally polluting my Inbox - if I don't know who the email is from, I often have to check it with "view source" to make sure I'm not marking legit traffic as junk (I never open them). It wastes a hell of a lot of time. I'd love to see this project result in some of those creeps being nipped in the bud before they get seriously underway. You can count on a steady stream of data from my site - we do quite well, generally, and are very popular with the spambots ;-)

 Re: Is the Honey Pot having an impact?
Author: S.Enbom   (3 Oct 06 1:00pm)
Dear Matthew,

How about reporting all the Phish our honeypots receive to:-

Should help with the impact I believe.
 Re: Is the Honey Pot having an impact?
Author: M.Prince   (3 Oct 06 6:25pm)
We're already working with PhishTank (and they're working with CastleCops, I think). The first thing we did was build Outlook and Outlook Express buttons for phish reporting for PhishTank. We're testing those now and plan on releasing them the end of October. Here's more info:

We may try and automatically report the phish the Project receives too, however that's a bit trickier. First we need to be able to fairly reliably sort phish from all the rest of the spam. To do that, we're playing with John Graham-Cumming's really cool software tool called Polymail. Bayesian categorization for email. If we can get it splitting phish/non-phish messages reliably, then reporting to organizations like PhishTank will become possible.

Stay tuned!

 Re: Is the Honey Pot having an impact?
Author: S.Enbom   (4 Oct 06 2:18am)
Good to hear Matthew.

I'm also sorting the spam I get using John Graham-Cumming's Popfile. It's then quicker for me to determine if there are any false positives among the spam before deleting it.

Oh, have you looked into ?

It still seems a bit mysterious and as though they are starting up slowly but surely, but they claim to be able to shut down spammers if I've understood correctly.

I've been forwarding my spams to them for a while and recently received my first report:

Sites reported by you: 95
Pending Suspensions: 12
Completed Suspensions: 1

Interesting stuff. I never got to try out BlueFrog properly before it was shut down and am hoping to see a working solution against spam. However, I believe it is humanity that must change, the technology arms race is unwinnable.

 Re: Is the Honey Pot having an impact?
Author: M.Prince   (4 Oct 06 3:14am)
I've seen Knujon and corresponded with one of the developers behind it. We actually talked about making an Outlook/Outlook Express spam reporting button for them. Need to follow up and see if they're still interested. Thanks for reminding me!

 Re: Is the Honey Pot having an impact?
Author: E.Byrnes   (23 Apr 07 1:55pm)
Hello HoneyPot Tenders,

I'd be glad to install the full latest HoneyPot software on my site but the stats show I haven't captured anything. My site doesn't get much traffic anyway but if I install the full version can I expect it to help?

The best,
 Re: Is the Honey Pot having an impact?
Author: M.Prince   (23 Apr 07 4:22pm)
If you can install a honey pot, I definitely encourage you to. Even if you don't get much traffic to your site, with the new QuickLinks program you can help other users who can't install the software themselves trap harvesters. If you mark your honey pot as sharable, other users can direct harvester traffic to it. Both you and the QuickLinker get credit for the catch.

Thanks for your help with the Project!

 Re: Is the Honey Pot having an impact?
Author: M.Hill   (27 Apr 07 11:45am)
I actually forward all my spam emails to Knujon and so far have these stats:

Sites reported by you: 52
Pending Suspensions: 5
Completed Suspensions: 28

I've actually only just today set up a honeypot and some quicklinks and will look forward to seeing what it captures.
 Re: Is the Honey Pot having an impact?
Author: S.Enbom   (28 Apr 07 2:59am)
I'm also using Knujon:

Sites reported by you: 3206
Pending Suspensions: 393
Completed Suspensions: 796
 Re: Is the Honey Pot having an impact?
Author: J.Yard2   (4 May 07 6:19pm)
Yes, I'm having an impact.

Handed out over 330,000 randomly generated bogus/poison email addresses in 5 days to potential spam bot email address harvesters.

I believe in giving the email address harvesters what they came to my site for, lots of email addresses. Fight fire with fire.
 Re: Is the Honey Pot having an impact?
Author: E.Foerster   (5 May 07 8:13am)
Rather than going back to my original thread, I want to pose this question: the little guy, the person who does not have a web site but just has a home network, can a honey pot help and have an impact if he/she falls victim to a harvester et al. (for example, a Hotmail harvester) raiding, harvesting one's instant message contact list? Several of my contacts have complained of receiving the exact same phishing emails and virus I have received. I know that this may be out of this loop, but this is sort of the street magician showing you one hand while you do not see the other hand creating a whole new scam, or, as I say, instead of taking the high road, he takes the low road and gathers just as much, just using more hooks. Now, could a honey pot entrap these harvesters, with the intent to ID and vaccinate against the next one? I know this is kinda low end for you guys, but it is the end user that gets burned at the end of all this.

thanks Ezra

