Kimler Sidebar Menu

Kimler Adventure Pages: Journal Entries

random top 40

SpamBack - Green Eggs & SPAM

SpamBack - Green Eggs & SPAM

June 29th, 2005  · stk

Serving a Tasty Dish for Any Spammer

Maybe I have a soft spot for the spammers? After removing all the "mailto:" references and entity-encoded email addresses from the site, email harvesting programs don't yield a single thing. That just doesn't seem right. So, using a process coined SpamBack "Green Eggs and SPAM", I changed that!

If the thought of giving spammers a dose of their own medicine is appealing to you, read on ...

From Whence Came Inspiration

SpamBack is not an original concept. because I was stoutly nudged in this direction by a Brit named ¥åßßå, whose Spam Trap was the inspiration for SpamBack, hence the similarity in names.

The way it works is simple. If one makes a php or html page, filled with spammer email addresses, then mail harvesting programs will be harvesting not MY address, not YOUR address, but SPAMMER addresses (either real or fake). In a devilish way, this provides a certain smug sense of satisfaction, knowing that I'm dishing up a poisoned pill to spammers who try to harvest email off the site.

I'm not alone in this thinking, as there is a website dedicated to this very concept - Spam Poison - which, when linked, provides a near infinite loop of dynamically generated, fake email addresses, linked to known spamming domains.

Oh my! I'm now practically rolling on the floor, laughing at all the poor spammers who venture to www.randsco.com , because I've implemented BOTH ¥åßßå's trap, Spam Poison's Pill and my very own SpamBack!

Working in Stealth Mode

Both and have nice little graphic buttons, which you are meant to add to your page, proudly displaying your affiliation with an effort to fight spam. I suppose that's nice, but I prefer a cleaner look and therefore, don't have a button or link on our visible page. Hence, "SpamBack", doesn't have a button (or badge) ... but feel free to make one if you must!

On this site is a linked page named greenEggs. In that file, is a link to "Spam Poison", a link to "Spam Trap" and a list of return email addresses from unwanted SPAM.

The whole "spamBack" operation works in 'stealth' mode, because (with the exception of this post), you won't find a link to _greenEggs.php page anywhere on the site. It's there, but hidden from view using CSS. The insertion code looks like any other link, wrapped in a specially named <div>.


<div id="spamHide"><a href="http://randsco.com/blogs/skins/rands/_greenEggs.php" title=" Can you say, 'Green Eggs and Ham'? ">Enjoy the meal.</a></div>

In the CSS file, the "spamHide" <div> is hidden from the screen (but available to anyone scanning the file), using:


div#spamHide { display:none; }

Which pulls it completely out of the document flow, acting as if it weren't there at all. BOOM. Hidden!

Not only doesn't the file clutter the page, but because it's a link (and not an embedded file), it doesn't negatively affect page loading speed. This is important, as the spamBack 'bait' is sitting there for the spammer to bite, but regular site visitors don't pay a 'penalty' for it.

Importance of Your Own Addresses

Over the past few days, I've been trying to walk in someone else's shoes. Namely - those of a spammer. I've downloaded countless number of bulk email programs (a euphamism for harvesting and verification programs - which can tell you which addresses are "live" and which are fake). I've learned a number of things about how some of these programs work and am here to tell you that an offsite link to "Spam Poison" or "Spam Trap" is NOT enough. Why? Because many of the programs extract email specific to that domain, so if the they're pulling email off of randsco.com, the program won't follow any links to domains that aren't 'randsco.com' domains. (None of the "Spam Trap" or "Spam Poison" email addresses will be pulled).

This is why SpamBack is important. You MUST create your own list of email addresses (fake, real or otherwise). Only then can you rest assured that some spammer email addresses will be fed into the harvesting system. If they're following offsite links - GREAT - you'll be pointing them to "Spam Poison" and "Spam Trap" (or other "SpamBack") sites, which will add even MORE desireable addresses to the harvested list. But if they aren't venturing off-site, then, at the minimum, you can feed them your own email list of spammer addresses.

Don't Stop There

I've been on an anti-SPAM crusade, of late, as I've investigated into the ugly underbelly of unsolicited email. Frankly, I'm mad as hell about SPAM and determined to do something! As much satisfaction as a passive "SpamBack" poison pill might be, I still desire a proactive approach.

I found it. It's called SPAM Cop. You may already be aware of this service, but I wasn't. This network exists for the sole purpose of reporting SPAM back to the ISPs and administrators whose servers are being utilized to serve up SPAM. They provide an easy-to-use interface, that allows one to report a SPAM email (either using cut-n-paste or email forwarding), automatically detecting the originating domain and filing reports with the system administrators for those domains.

The service is anonymous, so you're not going to be chastised or hunted down for 'whistle-blowing' on spammers. Registration is easy and again, there's a certain amount of satisfaction in turning the tables a bit on the spammers.

SpamCop isn't for everyone, as it does require a time commitment to identify and report the SPAM, but HEY ... someone has to do it, otherwise we'll all end up with more SPAM than we want. Why not you?

"SpamBack", "Spam Trap", "Spam Poison" or "SpamCop" ... all are tools that can be used to take a more active role in fighting the war on SPAM.

SpamBack Sites: A Link List

Use the any of the following links, in addition to your own SpamBack list, to feed bogus email addresses to email harvesting programs used by spammers

1) My "Green Eggs": http://randsco.com/blogs/skins/rands/_greenEggs.php

2) "Spam Poison": http://www.spampoison.net

3) ¥åßßå's "Spam Trap": http://yabba.waffleson.com/spamtrap.php

4) Don's "Big Boys": http://quicksilverhq.com/bigboys.html

5) Yours? Send an email or comment if you've developed a SpamBack list.

(Permalink)
Views: 12855 views
6 Comments · GuestBook
default pin-it button
Updated: 21-Aug-2005
Web View Count: 12855 viewsLast Web Update: 21-Aug-2005

Your Two Sense:

XHTML tags allowed. URLs & such will be converted to links.


Subscribe to Comments

Auto convert line breaks to <br />

1.flag Comment
07/18/05
I've eventually got round to linking to your green eggs on my spam trap ;)

Hope you're having a great holiday mate.

¥
2.flag stk Comment
08/07/05
That's OKAY ... I finally got round to replying to your comment.

The holiday involved too much driving, but it was good to see so many friends and show Oop off to the grandparents.

Hope you're having a good summer's bimble.
3.flag Comment
08/09/05
lol, yeah I've read about it.....damn, yer gonna need another holiday to recover :|

I'll post some more bimble moments soon ;)

¥
4.flag Lexagon Comment
06/07/06
Fellow farers, in the wake of the Blue Frog Wars there has arisen Okopipi - a P2P-based solution in the making for all those eager to take a more active role in the fight against spam. They're constantly looking for helpers willing and able; visit http://www.okopipi.org/
5.flag stk Comment
06/07/06
Lexagon,

Thanks for the links. I wish the 'Blue Frog' and sucessor, 'Okopipi', luck in the battle against email SPAM.

An update - while I still have my SpamCop account, I don't use it nearly as often as I used to.

I used it solidly for 5 months, reporting nearly every piece of SPAM that came my way. Only ONE was ever acted on (and even then, there was no indication of an outcome).

Use of SpamCop did nothing to stop the flow of SPAM in my in-box or bulk mail folder.

I've since stopped, as I don't have the time to report everything. Using Yahoo and Gmail, 98% of Spam is sniffed out and sent to my bulk mail folder, which I ignore. The few that make it into my inbox are quickly rerouted and/or reported.

My passive spam-fighting technique (SpamBack) is still in use, though I have no measure of how effective it is or how often it's harvested.

Now, we're concentrating our active Spam-fighting efforts on Comment/Trackback Spam for b2evolution bloggers.

So much Spam, so little time.

-stk
6.flag stk Comment
05/22/13
I miss you Yabba. :(