Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    New Coder
    Join Date
    Mar 2007
    Posts
    63
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Poisoning spam bots

    I wonder if anyone has any interest in this? It seems like a good idea to me, provided it's done in a way that doesn't cause innocent people any problems. I've been working on something, and would like to get feedback and also possibly get in touch with others doing similar sorts of things so that we could link to each other, share certain resources, etc.

    Is there any interest in this here? I don't want to clutter up the board with a lengthy description of my beginner's attempts unless it's a topic of interest here.

    It seems to me that people with web sites have an opportunity to fight spam that most people don't, since we have a chance to mess with the bots that come calling. I'd like to explore best and worst practices in this regard. Any takers?
    Think slow, type fats

  • #2
    Senior Coder
    Join Date
    Jul 2005
    Location
    UK
    Posts
    1,051
    Thanks
    6
    Thanked 13 Times in 13 Posts
    I'm not overly interested in this but you might want to contact Incredibill.

  • #3
    Regular Coder Karen S. Garvin's Avatar
    Join Date
    Nov 2006
    Location
    Maryland
    Posts
    227
    Thanks
    5
    Thanked 2 Times in 2 Posts
    This sounds really interesting to me.

    I'm sick of spam. How can I help? I don't know very much about how bots work, but I'll do some background reading if it'll help.
    ----------------------------------------------
    Karen S. Garvin
    http://ksgarvin.wordpress.com

  • #4
    New Coder
    Join Date
    Mar 2007
    Posts
    63
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Karen S. Garvin View Post
    This sounds really interesting to me.

    I'm sick of spam. How can I help? I don't know very much about how bots work, but I'll do some background reading if it'll help.
    Well, the idea is to get some cheap domains, and set them up so that their mail address (the "A" record) is 127.0.0.1 - the localhost, and their MX record points back to the domain. Once you have a few of those domains, you then generate tons of random email addresses pointed at those domains, usually via a PHP script or something, so that each time a bot hits the page the bot gets a fresh batch of completely unworkable email addresses. Then you include links on the page to lead to other people's sites who are doing similar things. The bots will think they hit the mother lode of harvestable emails addresses, when in fact they've just wandered into a nuclear waste dump.

    The cool part about this is that there is no extra spam cluttering up the net, because the mail will never leave the spammer's server. The servers, in my limited experience, will try for days to send that message, and eventually give up. So 1) no extra bandwidth taken up on the net, 2) no chance of randomly generating an address that's actually in use or may be someday in the future, 3) the spammer's server comes under a lot of extra load doing nothing, and 4) with enough of these accumulated in the master mail list the spammer will start having major problems and probably have to abandon his list and start all over again. At least that's the theory.

    I have a PHP page which is disguised as an index.html page in a /email directory, and every time it's accessed it produces a random number of randomly named clickable email addresses.. currently it's set to produce from 100-1000 of them. One thing I need to learn is how the bots behave. If they find a page with, say, 100,000 addresses, will they eat them up or just go elsewhere?

    The other thing we need is lots of domains which are set up to be "black hole" loopback sites like this. I've got 5 of them I'm willing to share, and a friend has one, and hopefully others have or might create some. Having a lot of variety in the lists of addresses would be good.

    I may set up sub-domains on each of my 5, also, just to add more variety.

    That's kind of it in a nutshell. What do you think?
    Think slow, type fats

  • #5
    New Coder
    Join Date
    Mar 2007
    Posts
    63
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Pennimus View Post
    I'm not overly interested in this but you might want to contact Incredibill.
    Will do. Unfortunately I'm on my lunch break at work now, and clicking that link tells me that my agency has that address blocked at the firewall. Probably because it's a blog of some kind. I'll look later from home. Thanks!
    Think slow, type fats

  • #6
    Senior Coder
    Join Date
    Jul 2005
    Location
    UK
    Posts
    1,051
    Thanks
    6
    Thanked 13 Times in 13 Posts
    Yeah it's a blogspot blog, but the guy is on somewhat of a crusade to, if not screw over, then at least laugh in the face of every spam and scraper bot out there. He's spent quite a lot of time developing proprietory software for this sort of thing... Definately right up your street.

  • #7
    New Coder
    Join Date
    Mar 2007
    Posts
    63
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Pennimus View Post
    Yeah it's a blogspot blog, but the guy is on somewhat of a crusade to, if not screw over, then at least laugh in the face of every spam and scraper bot out there. He's spent quite a lot of time developing proprietory software for this sort of thing... Definately right up your street.
    He sounds like just the guy I need! I don't honestly expect to put a dent in the flow of spam, but if I can do anything at all I'll feel good about it. I'm sick of these parasites using up everybody's bandwidth. And it's a good way to learn PHP programming at the same time.
    Think slow, type fats

  • #8
    Regular Coder ArcticFox's Avatar
    Join Date
    Jan 2004
    Location
    Vostok Station, AQ
    Posts
    602
    Thanks
    35
    Thanked 3 Times in 3 Posts
    I had a bot that would visit daily and go to every one of my pages in less than two minutes (looking for email addresses?). The interesting thing was the bot was claiming to be using Internet Explorer with Win98.

    We all know about the JS and image that crashes IE... so using PHP, I location that bot to a IE crashing page.

    It hit that once and hasn't been back. I don't know why - I kinda miss the little bugger eating all my resources so quickly.

    <div> - putting your mind in a box since 1997


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •