Skip to Content

Spam is, in my opinion, the most useless thing in the computing world. Not a lot of people – unless you’re as lonely as Mr Bean who sends himself X-mas cards – seem to like receiving them, but as with classic junk mail, somebody still seems to find sending them useful. I heard once from a market researcher that a response rate of  > 5% is a huge success. I don’t know if that has been scientifically proven, but that doesn’t seem a lot to me. So what’s the use, I would say. More on that later.

Anyway, I’ve thought about starting a self-help group called SDNers Abused by Spam and, as the only (founder) member, writing the Eddy De Clercq SAS survivor guide. It would contain tips and tricks on how to prevent spam and techniques for fighting spam in a smart way. Since I don’t really have the time for this, I’ll restrict it to an article that will be published later. First I need to prepare my presentation which I will give at SDN Meets Labs at Walldorf. I hope to see you out there.

Having said that I want to already my enthusiasm for a somewhat different approach in fighting spam, called Project Honey Pot. Most existing solutions are focused on fighting spam when the harm has already been done, meaning your e-mail address is already “devirgined”. In other words, they are focused on the tail of the spam cycle, whereas the honey pot project plans to intervene earlier in the cycle.

 

But what is a honey pot exactly?

Wikipedia says : “In computer terminology, a honeypot is a trap set to detect or deflect attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information that would be of value to attackers.” Now this doesn’t 100% cover what this project does. The primary goal is to understand the spam cycle. It is a distributed system of decoy email addresses website administrators can include on their sites in order to gather information about the robots and spiders spammers use. The project collates data on how addresses are harvested, distributed, and eventually spammed. But it doesn’t stop with that. They will also fight these spammers in court with all legal resources available. The notorious Jeremy Jaynes was convicted to 9 years in prison. Earlier I asked myself what the use of spam was. Well he’s the perfect answer. Money is the keyword. He was sending over 10 million mails a day, so if we take 1 to 2% of responses… One estimates that Jeremy Jaynes earned about $750 000 a month.

 

So how does it work?

Well, it’s rather simple compared to other honey pots like Jackpot (a SMTP server) and Project Bubblegum (a proxy). You only need to install a script and that’s it. Not even 5 minutes of work. Despite the fact that my personal site is pretty well protected against spam, I’ve decided to install it immediately in order to help to uncover spammers and bringthem to court.

There was one big flaw though. Scripts are available in ASP, Coldfusion, Mod_perl and Perl, Movable Type, PHP and Python, but no scripts were available for the Web AS. So I decide to write a port for BSP in my spare time. It took a somewhat long time due to different factors – like time difference and the fact that I don’t have too much spare time – but it’s now finally available in production since March 15th.  I’ll spend more time with details in my article later on, but here are already a few words on the mechanism.

The script returns, among other things, e-mail addresses when called. These time stamped addresses are handed out once, based on thousands of domains and hundreds of millions of legit-looking usernames. They’re also associated with a visitor’s IP address and their browser info. As soon as these e-mail addresses are getting e-mail, one knows that it is a spammer which can be tracked.

 

So how do you join the project?

First of all, it’s free. Secondly, it couldn’t be easier

Step 1: join the project.

image

Step 2: generate a honey pot

image

There are some important parameters:

  • The URL where the honey pot will be installed should be one from the productive system. If you run the honey pot script from development it will install itself in that domain.
    IMPORTANT:
    1. The productive system should have access to the outside world.
    2. You will also need to create an anonymous login user (a “default user”) and grant that user viewing permissions to visit the honey pot. Honey pot requests should be fixed to this user. Normally one sets a “service” user without any rights. But in order to retrieve the honey pot page, one needs additional display rights for the “WAPA” objtype
  • Select of course SAP Netweaver BSP.
  • Indicate whether you want to name the script or not, which domain to use and if you want to share the statistics for your site.

The result is a zip you need to download. It contains a generated BSP page based on your details and installation instructions.

Step 3: Installation of the honey pot

Everything is clearly explained in the installation instructions provided with the script. But it comes down to the following:

  • Determine if you want to install the pot in an existing or new BSP application. I would suggest the latter in order to have a library honey pot for all your apps.
    IMPORTANT: Whatever you choose, the app must be public to the outside world. See also the remark in step 2.
  • Create a page and copy/paste the script as is in the layout. Don’t alter anything!
  • Activate the script
  • Transport the script

Step 4: Visit the script in order to activate the script

Step 5: Set traps. Harvester needs to find the script, so you need to help them a bit. This can be done by typical code like:

Domain and script name must be changed to your specific case.

Optional step: Donate an MX entry. To prevent spammers from discovering which addresses are honey pots, the project need as many domains as possible. If you want to help you can donate a portion of a domain you control without affecting any existing web or email traffic. More details can be found at the site.

 

So will I never get spam when I’ve installed it?

Of course not. You need to be as cautious as before and if you already get spam, you’ll still need to delete/filter them. This project will help discourage the sending of unsollicited spam mail, since the sender(s) will know that the risk will be too high. As an SDN member the project needs your help. The tools are there, so don’t hesitate and install a honey pot today !

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply