[plug] [OT] open relay honeypot
Ben Jensz
jensz at wn.com.au
Fri Jan 17 14:47:22 WST 2003
rofl... Good stuff :)
/ Ben
Luke Dudney wrote:
> A few weeks ago I set up an smtp open relay honeypot using postfix on
> the end of my DSL line (set mynetworks to the entire world and
> disabled the 'smtp' transport).
> It appears to be an open relay but does not actually deliver the message.
> It took less than a day to be found by the spammers, and in the last
> three days usage on it has gone through the roof (559 different hosts
> connected to it!)
> The initial connections I got were apparently probes (empty message to
> a throwaway hotmail/yahoo accounts with my IP as the Subject). I
> forwarded these on manually to give the spammers false positives.
>
> It gives me a good feeling to know that there are 248,977 less spam
> messages in 241,978 less peoples' inboxes!
> I wonder how much spam would be stopped if there were a whole lot more
> similar honeypots on the net.
>
> The things I do for fun ;)
>
> Luke
>
>
> Grand Totals
> ------------
> messages
>
> 190615 received
> 248977 delivered
> 0 forwarded
> 0 deferred
> 0 bounced
> 0 rejected
>
> 327355k bytes received
> 614m bytes delivered
> 118607 senders
> 4829 sending hosts/domains
> 241978 recipients
> 9116 recipient hosts/domains
>
> smtpd
>
> 3034 connections
> 559 hosts/domains
> 651 avg. connect time (seconds)
> 548:37:48 total connect time
>
>
> Per-Day Traffic Summary
> date received delivered deferred bounced rejected
> --------------------------------------------------------------------
> Jan 11 2003 537 Jan 12 2003 1441 1197 Jan 13
> 2003 1446 1441 Jan 14 2003 19183 1447 Jan
> 15 2003 82460 107321 Jan 16 2003 84455 93365
> Jan 17 2003 1093 44206
>
>
More information about the plug
mailing list