Often spammers send emails blindly to several email addresses without verifying if the address belongs to a real person. Honey pot is a mechanism to trap such email and analyze their content. Since the actual addresses are invalid no one gets these emails but the server builds a pattern based on these messages and assigns scores to emails where the pattern matches and is associated with a real person.
For example, you create honey pots for the following fictitious email addresses.
Ideally, no email should be sent to these addresses since they don't belong to anyone. However, a spammer does not know this and if an email comes to such address the server can find out:
The IP address where the message came from
Parse its contents for certain keywords, web addresses and phone numbers
Using this information Xeams can assign score to messages that have the same pattern.
Now I know what the honeypot is, how do I turn it on, set it up, and manage it?
Posted by Artur on 2/14/15 9:32 AM
In case of simple smtp proxy can I use i.e. m@ or bob@ address for any-domain catch?
Posted by Jorge on 11/4/14 11:34 AM
You just need to enter the fictitious email addresses in the Honey-pot section. Whenever an email is intended for the recipient, the system will block the IP for a period of time. You can view the IP addresses in the "penalty box" by accessing the IP section.
Add a comment to this document
Do you have a helpful tip related to this document that you'd like to share
with other users? Please add it below. Your name and tip will appear at the
end of the document text.