On Wednesday, October 27, 2004, 5:01:13 AM, Christopher Albert wrote:
Are you guys serious!? Did you look at this page: http://www.projecthoneypot.org/bots_and_servers.php The ads placed there do not look all that encouraging:
Those ads come from google. I hardly think google are spammers. Lots of non-spammer pages have google ads.
http://www.expedite-email-marketing.com/index.htm http://www.l-i-s-t.com/main_site/opt_in_email_lists.asp http://www.classmates.com/cmo/reg/school/index.jsp http://www.definitivedatabase.com/
Eric Kolve, author of SpamCopURI, works for classmates.com. Does that mean SpamCopURI is made for spammers?
You almost feel that this must be a joke.
If you read the projecthoneypot.org site (or hear their talk) you'll see that what they're trying to do is build a technical and legal chain from the harvesters through to top spammers like Ralsky, Spamford Wallace, etc. I for one think it would be a lot of fun to see Ralsky sent off to federal prison along with the spammers he uses. That's one joke I'd laugh at.... ;-)
"Why is Project Honey Pot necessary? Anti-spam efforts to this point have generally focused on the tail end of the spam cycle. In order to send out their messages, spammers must gather addresses, procure contracts, send emails, and collect money. Unfortunately, whether through filtering, authentication or enforcement, nearly every solution to this point has tried to stop spammers at virtually the last step: sending messages. Project Honey Pot is an attempt to move earlier in the spam cycle and identify the "King Pin" spammers who sit at the top of the food chain and spend their time harvesting our addresses."
In addition, this company http://www.unspam.com/ http://www.unspam.com/fight_spam/about_unspam/busservices.html :
As far as I can tell Project Honeypot and the unspam company are separate operations. Project Honeypot appears to be 100% anti-spam. It seems very likely that only abusers will be caught in these pots.
Finally, I'm not sure about how open they will be about the data received. If they were committed to making the spam coropa public (say daily tarballs), ripped out URLs for XML feeds to SURBL, fed relay IPs in realtime to publically available DNSBLs, and created, say RBLDNSD zone files from harvesting bot IPs, then that would be interesting. However, if the commercial appropraition of open source technology like that used in SpamAssassin or DCC is any indicator I wouldn't count on it.
They already said they would give us URIs when they reach reasonably large spam volume. "They" being Project Honeypot.
SpamCop is now officially owned by Ironport, but it's SpamCop that gives us sc.surbl.org data freely and openly, not Ironport.
We do this now, seeding some websites with time/IP-stamped emails. It takes a couple lines of PHP. The distributed idea is nice, but since all the feeds go to one commercial company "run by lawyers and computer scientists" (what a frankensteinian graft!) whose goal is to " help[ing] governments craft effective anti-spam laws and assisting legitimate businesses in complying with them" I dont think I will participate.
While I admit government anti-spam efforts almost always fail or backfire, I won't fault these guys for trying to work with them.
Again this is for the unspam company. I don't see Project Honeypot working with governments. In fact I was just having a discussion with Matthew Prince about how to do legal action with the Project Honeypot data but without government funding.
I think you guys are making a mistake by participating. We could do this ourselves in a completely open and noncommercial way where the information is available in near real time.
Chris Albert McGill University Network and Communicatins Services
I think you misunderstand Project Honeypot. It is as open and noncommercial as SpamCop. I fully believe that the people doing it are trying to go after spammers in a potentially very effective and relatively open way. And they're making a definite effort to share their data.
I know some of the people working on this project and I can tell you they're whitehats.
Jeff C. -- "If it appears in hams, then don't list it."