• Source: List poisoning

      • The term list poisoning refers to poisoning an e-mail mailing list with invalid e-mail addresses.


      Industry uses


      Once a mailing list has been poisoned with a number of invalid e-mail addresses, the resources required to send a message to this list has increased, even though the number of valid recipients has not. If one can poison a spammer's mailing list, one can force the spammer to exhaust more resources to send e-mail, in theory costing the spammer money and time.
      Poisoning spammers' mailing lists is usually done by blacklists submitting fake information to email submit style offers, or by posting invalid email addresses in a Usenet forum or on a web page where spammers are believed to harvest email addresses for their mailing lists.


      Vulnerabilities


      Syntactically invalid email addresses used to poison a mailing list could be easily filtered out by the spammers, while using email addresses that are syntactically correct could cause problems for the mail server responsible for the email address.
      Implementations of spam poisoning systems can be avoided, if spammers learn of their location (e. g., they could automatically filter out any address containing "spampoison.com").
      Spammers often steal resources so that the efficiency of a mailing places little financial burden on the spammer.


      See also


      Anti-spam techniques (e-mail)
      Address munging
      Botnet
      E-mail address harvesting
      Spamtrap
      Stopping e-mail abuse


      References




      External links



      List poisoning code written in Perl.
      List poisoning code written in PHP.
      Simple list poisoning code written in BASH shell script and a working example.
      Hosted list poisoning and honeytrap SpamPoison

    Kata Kunci Pencarian: