Project Honey Pot goes after the harvesters

* Project Honey Pot targets harvesters who feed e-mail addresses to spammers

A key source of fresh e-mail addresses used by spammers is harvesters - those individuals that scour Web sites, newsgroups and e-mail servers for good e-mail addresses. These addresses, in turn, are fed to spammers who then pump out the junk that clogs our mailboxes.

Many anti-spam products will stop dictionary-harvest attacks, the primary method used by harvesters to gather e-mail addresses from messaging servers. Legislative approaches, however, have focused more on going after the spammers themselves, even though the CAN-SPAM Act makes harvesting illegal.

One organization trying to do something about this is Project Honey Pot, a creation of Unspam. The concept behind Project Honey Pot is simple: Web site operators install a piece of software on their site which then generates a unique, time-stamped e-mail address for each visitor. If a harvester grabs this address and provides it to a spammer who then sends e-mail to that address, the IP address that harvested the address can be identified along with the date and time that the address was harvested.

To date, Project Honey Pot has issued more than 42,000 unique e-mail addresses, has received more than 1,000 spam messages at these addresses and has identified 245 harvesters. Admittedly, these are small numbers, but the potential is huge.

I’m not a big fan of the legal approach to solving the spam problem because I don’t think it will be all that effective and because there is the potential for misapplication of laws like CAN-SPAM.

However, I like Project Honey Pot because it focuses on the people who are further back in the food chain, the harvesters of e-mail addresses who supply the spammers in the first place. The approach is sort of like going after the producers of cocaine instead of the drug dealer on the street - and it might be far more effective in the long run.

Copyright © 2005 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022