List poisoning

The term list poisoning as related to electronic mail (e-mail), refers to poisoning a mailing list with invalid e-mail addresses


If a mailing list has been filled with many invalid e-mail addresses, the resources required to send a message to this list has increased. If one can poison a spammer's mailing list, one can force the spammer to exhaust more resources to send e-mail, in theory costing the spammer money and time.

Unfortunately, in more recent years, spammers have exerted control over virtually limitless computational and network resources, by using botnets and other stolen resources. Still, a different goal remains useful:

If spammers can be tricked into including the address of a honeypot or other trap into their mailing lists, then the source addresses through which they send spam can be detected. For instance, if the address moc.elpmaxe|resu#moc.elpmaxe|resu delivers to a honeypot system, then any IP address that sends mail to that system can be added to a DNSBL.


An example of list poisoining is Spampoison [1], a free system for webmasters and forum posters to fight email spammers. A link to a 'trap' is placed on a webpage. When a spammer's WWW robot (spider, bot, crawler) visits the page in search of email addresses, it follows the link to the 'trap' which is another webpage with a large number of dynamically generated fake email addresses. An example piece of HTML for a link 'poisoning' a spammer's list: Fight Spam! Click Here!




Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License