|
Author: M.Prince (7 Feb 05 1:39am)
So far we've been hesitant to share our list of mail server IPs with traditional RBLs. The reason why is that the mail server data is fairly easily manipulatable. Imagine, for example, if a spammer were to sign up for the Project and install a honey pot. He could then harvest email addresses he knows to be spam traps and then use those to sign up for legitimate mailing lists. If we blindly block the IPs of anyone who sends us a message then we risk opening ourselves to this kind of abuse.
We have agreed to share data with the SURBL, which lists the URLs that appear in spam messages and allow mail server admins to filter based on them. I'm more comfortable doing this because the SURBL guys approve each new domain by hand and maintain an extensive white list. Our SURBL feed got hung up while we fixed some other small issues, but it should go online soon.
We are working on what we believe will be a new tool: a way for website admins to block known harvesters. Tentitively known as the http:BL, we'll put more information about it on our website as soon as it's up and running. There will also be more information at:
http://www.httpbl.org/
Our goal is to make it free for everyone who is an active member of Project Honey Pot.
Finally, we need to walk a fine line when we give out information. One of our main goals is to provide both public and private law enforcement the data necessary to bring successful prosecutions. There's some element of surprise necessary to a successful legal action.
We're working with officials in order to make sure that anything we release publicly won't compromise any future legal actions. And... rest assured... the legal actions against harvesters are coming...
|
Welcome to Project Honey Pot | Login