[SURBL-Discuss] In support of Project Honeypot

Andy Warner andy at andy.net
Wed Oct 27 15:39:49 CEST 2004

Coments in-line...

On Wed, 27 Oct 2004, Christopher Albert wrote:

> Are you guys serious!?
> Did you look at this page:
> http://www.projecthoneypot.org/bots_and_servers.php
> The ads placed there do not look all  that encouraging:
> http://www.expedite-email-marketing.com/index.htm
> http://www.l-i-s-t.com/main_site/opt_in_email_lists.asp
> http://www.classmates.com/cmo/reg/school/index.jsp
> http://www.definitivedatabase.com/
> You almost feel that this must be a joke.

One small clarification needs to be made here. They are clearly using
Google to serve ads. Google determine what ads to display based on the
content of the page. As the page relates to spam it isn't terrible
surprising to see these folks listed. The folks behind the site could
spend a bit of time blocking out these advertisers to make the ads more

> In addition, this company  http://www.unspam.com/
> http://www.unspam.com/fight_spam/about_unspam/busservices.html :
> The patchwork of anti-spam laws makes conducting an email marketing
> campaign risky even for legitimate marketers. Moreover, the
> proliferation of spam filters can prevent your messages from getting
> through even to customers who have asked for them. Unspam understands
> these problems and can help legitimate marketers design email
> campaigns that are legal and effective.
> Finally, I'm not sure about how open they will be about the data received.
> If they were committed to making the spam coropa public (say daily
> tarballs), ripped out URLs for XML feeds to SURBL, fed relay IPs in
> realtime to publically available DNSBLs, and created, say RBLDNSD zone
> files from harvesting bot IPs, then that would be interesting.
> However, if the commercial appropraition of open source technology
> like that used in SpamAssassin or DCC is any indicator I wouldn't
> count on it.
> We do this now, seeding some websites with time/IP-stamped emails. It
> takes a couple lines of PHP. The distributed idea is nice, but since
> all the feeds go to one commercial company "run by lawyers and
> computer scientists" (what a frankensteinian  graft!) whose goal is to
> " help[ing] governments craft effective anti-spam laws and assisting
> legitimate businesses in complying with them" I dont think I will
> participate.
> I think you guys are making a mistake by participating. We could do
> this ourselves in a completely open and noncommercial way where the
> information is available in near real time.

I don't think this project is as bad as you may think it is, but I would
certainly support a more open version of the same. If anybody wants to
start collaborating on something let me know I can provide some coding
and server resources. However, it may make sense to wait a bit and see
how the current site evolves before starting a splinter effort.

Andy Warner
andy at andy.net

More information about the Discuss mailing list