Do you want to be aggressive, very aggressive in stopping spam? Then what you might want to do is to set up a fake open proxy or e-mail relay as a honeypot.. . .
Do you want to be aggressive, very aggressive in stopping spam? Then what you might want to do is to set up a fake open proxy or e-mail relay as a honeypot.

Honeypots are an ancient, but still effective security tool. Traditionally a honeypot is a server that looks like it has very attractive files and has a security hole in it. Crackers will then break into the honeypot in search of pirated copies of games, trade secrets or such.

In reality, there's nothing of any real value in the honeypot. By watching who breaks into the honeypot, you can audit would-be attackers as they hunt for the goodies until you know exactly who they are and you can then put the cuffs on them.

Some black-list administrators, notably Ron Guilmette, has taken this basic idea and turned it into an anti-spam approach. It works in exactly the same way. Since a spammer doesn't know what proxies or relays are open to abuse by spammers, they are constantly testing sites for new and vulnerable relays. In fact, a spammer probably has no idea what sites he is using to spread spam. Most simply rely on automatic scripts to find new sites as old open relays are either fixed or knocked off the net by being listed on a blacklist.

If you're not sure yourself about whether your mail servers are open, you should get a copy of Mail Relay Tester or run the Abuse.net mail relay test, and test out your own system.

The link for this article located at Enterprise IT Planet is no longer available.