Skip to content

Archives

SpamAssassin Needs Your Help!

while thinking about the CDT’s report on spammer address-scraping techniques again, it occurred to me that one finding is very significant; high-traffic websites probably get much more spam than low-traffic ones.

Now, I’ve got spamtraps up on pretty much all my sites, using a variety of methods:

<

ul>

  • plain mailto links, with instructions to human users not to use them (don’t mail that one either, obviously ;)
  • hidden mailto links in the page’s <head> block (browsers will not display text elements outside the <body> block)
  • hidden mailto links in a <!– HTML comment –>
  • empty mailto links in the text (ie. <a href="mailto:foo></a></code">)
  • mod_rewrite pages, which are displayed to spam-scraping bots instead of the real thing
  • But all my sites are small-time, really. ;) So -- anyone out there in the blogosphere care to help out the SpamAssassin project, by feeding us trapped spam? It'd be simply a matter of adding a mailto: link, hidden in a comment on a prominent page of your high-traffic website. Gimme a mail to this address if you do.

    (warning: that address will expire in 6 months. if you're reading this after Aug 2003, use the addr on this page instead.)

    The spam trapped in such a way is fed into a number of spamtrap-fed network systems, like Razor, DCC, Pyzor, and the Blitzed OPM blacklist. It's also used during the SpamAssassin score-regeneration process.