Darrin Chandler <dwchandler@stilyagin.com> writes:

quoted text
> You publish spamtrap addresses, and of course you make them easily
> recognizable as such so you don't trap real people. Spammers spend a
> very small amount of effort and harvest spamtrap addresses *on purpose*
> and use them as sender addresses (joe job). The result being, of course,
> that you blacklist significant valid portions of the internet. Am I
> wrong here?

I'm not sure it matters.  We're seeing (domain) joe jobs all the time,
and all we ever notice about those spam runs are the bounces and
probably some entries in the spamd logs.

No method ever has a zero error rate, so there is a tiny chance that
some user on a misconfigured mail server would want to send me or a
colleague email within 24 hours of that server sending us a bounce to
s1llyb4strd666@bsdly.net and non-existent friends.  I am coming around
to thinking that if there's a visible link to the traplist on our web
with a sensible explanation (http://www.bsdly.net/~peter/traplist.html
is an early version), the user or an adult^H^H^Hmin would find that
page and figure out a way to contact us. Maybe even fix their config.

Oh well, one more spamtrap entry to add, then.

- P
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.