2003-12-23 18:57:34 UTC
Hi guys,
I downloaded the latest, but couldn't get it to run. So I rewrote it as an inetd/xinetd client instead. But that is not my worry....
I think that there are several types of spammers, and at this point I am catching close to 98% correctly of the 300+ emails I get every day.
However, I find this approach intriguing, hence the interest.
I would like to know your statistics on why you are not forwarding the initial emails.
I have only been running for 12 hours or so, and the 2 emails I have received so far indicate solid tests for open relay. Not just a blind poke.
As I see it there are several types of spammers:
1) those with a blind machine just using an open relay
2) as 1), but using real relay tests
3) those using their own MTA
In my spam approach, I actually connect to the remote MTA to assess if it is an SMTP server of some kind. And some of the spammers do use this approach, which cannot be caught using the honeypot approach. But that is beside the point.
I really think it is necessary to forward the initial test emails, but you seem to have statistics for that. Enlighten me please.
Merry Christmas,
Karsten