[clue-tech] Collecting Spam

marlowe at antagonism.org marlowe at antagonism.org
Sun Sep 7 17:34:49 MDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> No, I haven't lost my mind, though sometimes I wonder.
>
> I need to collect a representative sample of typical spam. I'm wondering
> if the easiest way is create a dummy account on the server in question,
> add it as an alias to the main spam recipient, let it build up
> in /var/spool/mail for a bit, and then copy the contents of that user's
> mail spool subdirectory to the machine where I need it -- creating the
> identical dummy account there.
>
> What I'm wanting to do is fling real junk mail at a test installation
> of Postfix/procmail/Spamassasin, to test a config.
>
> jed

Jed,

I have a rather large collection of spam.  I did so by creating a spam
honeypot following http://qmail.jms1.net/honeypot.shtml as a guide. 
Starting on Nov 15, I have collected 21,125 individual spams.  I would
have more, but I block the offending IPs almost immediately.  I believe
such a method can easily be modified for your installation and would
continue to serve you well after your testing.  Let me know if you have
any questions.

Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: 'email gpgpublickey-marlowe at antagonism.org for my GPG public key'
Comment: http://getfiregpg.org

iEYEARECAAYFAkjEZRQACgkQMYIXomaKpd9aEwCfUIcahyqftbn98lcbYE79e4jK
Us8AniUu03WqDkguG9FtFL5ORefhqc+K
=pdE9
-----END PGP SIGNATURE-----



More information about the clue-tech mailing list