Author: J.Schippers (17 Jun 07 8:43am)
I believe that there are bots out there that are specifically targetted at certain weblog/forum software for comment and threadspamming. Would it be an idea to modify software like that to make it such that whenever somebody posts it will list them as a spammer?
The difficulty here is that spammers find such software by search engines like google and yahoo, so our honeypot would need to be findable by a search engine as well. In that case, it is difficult to prevent normal users to accidently post on it. However, I have noticed that once a blog or forum can be found using a search engine, you will get comment spam very quicky, so it might be worth investigating.
I think a solution must have the following properties:
1. It must look like a normal, under-protected installation of standard software
2. It must allow threads, posts or comments to be made by anyone.
3. It must make the software installations findable through search engines
4. It must discourage humans (even the stupid ones) to use the software, while preserving property 1.
If it can be done, I think we can win a major battle against spammers.
|