...

View Full Version : Poisoning spam bots



RTrev
03-29-2007, 12:05 PM
I wonder if anyone has any interest in this? It seems like a good idea to me, provided it's done in a way that doesn't cause innocent people any problems. I've been working on something, and would like to get feedback and also possibly get in touch with others doing similar sorts of things so that we could link to each other, share certain resources, etc.

Is there any interest in this here? I don't want to clutter up the board with a lengthy description of my beginner's attempts unless it's a topic of interest here.

It seems to me that people with web sites have an opportunity to fight spam that most people don't, since we have a chance to mess with the bots that come calling. I'd like to explore best and worst practices in this regard. Any takers?

Pennimus
03-29-2007, 05:21 PM
I'm not overly interested in this but you might want to contact Incredibill (http://incredibill.blogspot.com/).

Karen S. Garvin
03-29-2007, 05:51 PM
This sounds really interesting to me. :thumbsup:

I'm sick of spam. How can I help? I don't know very much about how bots work, but I'll do some background reading if it'll help.

RTrev
03-29-2007, 06:15 PM
This sounds really interesting to me. :thumbsup:

I'm sick of spam. How can I help? I don't know very much about how bots work, but I'll do some background reading if it'll help.

Well, the idea is to get some cheap domains, and set them up so that their mail address (the "A" record) is 127.0.0.1 - the localhost, and their MX record points back to the domain. Once you have a few of those domains, you then generate tons of random email addresses pointed at those domains, usually via a PHP script or something, so that each time a bot hits the page the bot gets a fresh batch of completely unworkable email addresses. Then you include links on the page to lead to other people's sites who are doing similar things. The bots will think they hit the mother lode of harvestable emails addresses, when in fact they've just wandered into a nuclear waste dump.

The cool part about this is that there is no extra spam cluttering up the net, because the mail will never leave the spammer's server. The servers, in my limited experience, will try for days to send that message, and eventually give up. So 1) no extra bandwidth taken up on the net, 2) no chance of randomly generating an address that's actually in use or may be someday in the future, 3) the spammer's server comes under a lot of extra load doing nothing, and 4) with enough of these accumulated in the master mail list the spammer will start having major problems and probably have to abandon his list and start all over again. :) At least that's the theory.

I have a PHP page which is disguised as an index.html page in a /email directory, and every time it's accessed it produces a random number of randomly named clickable email addresses.. currently it's set to produce from 100-1000 of them. One thing I need to learn is how the bots behave. If they find a page with, say, 100,000 addresses, will they eat them up or just go elsewhere?

The other thing we need is lots of domains which are set up to be "black hole" loopback sites like this. I've got 5 of them I'm willing to share, and a friend has one, and hopefully others have or might create some. Having a lot of variety in the lists of addresses would be good.

I may set up sub-domains on each of my 5, also, just to add more variety.

That's kind of it in a nutshell. What do you think?

RTrev
03-29-2007, 06:22 PM
I'm not overly interested in this but you might want to contact Incredibill (http://incredibill.blogspot.com/).

Will do. Unfortunately I'm on my lunch break at work now, and clicking that link tells me that my agency has that address blocked at the firewall. Probably because it's a blog of some kind. I'll look later from home. Thanks!

Pennimus
03-29-2007, 06:38 PM
Yeah it's a blogspot blog, but the guy is on somewhat of a crusade to, if not screw over, then at least laugh in the face of every spam and scraper bot out there. He's spent quite a lot of time developing proprietory software for this sort of thing... Definately right up your street.

RTrev
03-29-2007, 06:44 PM
Yeah it's a blogspot blog, but the guy is on somewhat of a crusade to, if not screw over, then at least laugh in the face of every spam and scraper bot out there. He's spent quite a lot of time developing proprietory software for this sort of thing... Definately right up your street.

He sounds like just the guy I need! I don't honestly expect to put a dent in the flow of spam, but if I can do anything at all I'll feel good about it. I'm sick of these parasites using up everybody's bandwidth. And it's a good way to learn PHP programming at the same time. :D

ArcticFox
03-30-2007, 04:30 AM
I had a bot that would visit daily and go to every one of my pages in less than two minutes (looking for email addresses?). The interesting thing was the bot was claiming to be using Internet Explorer with Win98.

We all know about the JS and image that crashes IE... so using PHP, I location that bot to a IE crashing page.

It hit that once and hasn't been back. I don't know why - I kinda miss the little bugger eating all my resources so quickly.

:D



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum