Message Board

Newbie/Basic Questions

 WHOIS Self Spamming
Author: A.Brager   (1 Apr 07 11:50am)
Has anyone else noticed the recent trend toward spammers harvesting WHOIS data and using it to send what I call "best guess" self-SPAM?

They grab a domain name from the WHOIS database, and then take their best guess at valid email addresses. They try things like "sales@domain.com", "support@domain.com", and other commonly used addresses. Worse, they forge the address so it looks like it's coming from your own domain! So a message TO sales@domain.com is also FROM sales@domain.com.

Although my webhost provides me with the ability to designate particular email addresses and set up special POP boxes for those email addresses, anything to my domain which is not recognized gets aliased to my primary address. I actually like that, because sometimes valid email is mis-addressed, and I also really don't want to set up a separate box - which I then have to go and check individually - for each address I use.

Although Project Honey Pot is a fabulous idea, I don't think it can protect against this type of spammery. Has any thought been given to this at all in terms of how to protect oneself? What about for those of us on DSL lines using dynamic IPs to get to our web hosts?

Thank you
 
 Re: WHOIS Self Spamming
Author: M.Prince   (3 Apr 07 8:35pm)
Project Honey Pot tracks this as "Dictionary Attacks." Basically they're using common usernames and appending them to domains/MXs that they find. Since we have such a large number of domains pointing at our mail servers, we see a lot of it. If you want to see the top IPs sending out these attacks, check out:

http://www.projecthoneypot.org/top_dictionary_attackers.php

Matthew.
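
An added example, not code from either poster or from Project Honey Pot: one way to flag the pattern discussed in this thread on a catch-all domain, by counting per source IP the messages whose From equals their To on your own domain and the distinct non-existent local parts tried. `MY_DOMAIN`, `REAL_MAILBOXES`, `MIN_GUESSES`, the helper names and the sample messages are assumptions, and the source IP is assumed to come from your own mail server's record of the connection.

```python
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr

MY_DOMAIN = "domain.com"     # assumption: the catch-all domain being protected
REAL_MAILBOXES = {"sales"}   # assumption: local parts that really exist
MIN_GUESSES = 3              # assumption: distinct unknown names per IP to flag

def classify(raw):
    """Return (self_addressed, unknown_local_part_or_None) for one message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    rcpt = parseaddr(msg.get("To", ""))[1].lower()
    local, _, domain = rcpt.partition("@")
    if domain != MY_DOMAIN:
        return False, None
    unknown = local if local not in REAL_MAILBOXES else None
    return sender == rcpt, unknown

def scan(messages):
    """messages: (source_ip, raw_message) pairs; returns findings per IP."""
    self_hits, guesses = defaultdict(int), defaultdict(set)
    for ip, raw in messages:
        self_addressed, unknown = classify(raw)
        self_hits[ip] += int(self_addressed)
        if unknown:
            guesses[ip].add(unknown)
    return {ip: {"self_addressed": self_hits[ip],
                 "guessed_names": sorted(guesses[ip]),
                 "dictionary_attack": len(guesses[ip]) >= MIN_GUESSES}
            for ip in self_hits}

def make(frm, to):
    """Build a minimal constructed message for the sample below."""
    return f"From: {frm}\nTo: {to}\nSubject: sample\n\nbody\n"

# Constructed sample: one source guessing role names with a forged own-domain
# sender, and one genuine correspondent who mistyped "sales".
SAMPLE = [
    ("203.0.113.7", make("sales@domain.com", "sales@domain.com")),
    ("203.0.113.7", make("support@domain.com", "support@domain.com")),
    ("203.0.113.7", make("info@domain.com", "info@domain.com")),
    ("203.0.113.7", make("admin@domain.com", "admin@domain.com")),
    ("198.51.100.20", make("Customer <bob@example.org>", "slaes@domain.com")),
]

if __name__ == "__main__":
    for ip, finding in scan(SAMPLE).items():
        print(ip, finding)
```

The mistyped address from the second source still reaches the catch-all without being flagged, since a single unknown name stays below the threshold.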




Copyright © 2004–25, Unspam Technologies, Inc. All rights reserved.
