Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Honeypot usage findings
  FAQ FAQ  Forum Search   Register Register  Login Login

Honeypot usage findings

 Post Reply Post Reply
Author
yapadu View Drop Down
Senior Member
Senior Member


Joined: 12 May 2005
Status: Offline
Points: 272
Post Options Post Options   Thanks (0) Thanks(0)   Quote yapadu Quote  Post ReplyReply Direct Link To This Post Topic: Honeypot usage findings
    Posted: 13 March 2009 at 3:50am
I've been looking at the honeypot option today, considering making it available to users.

I have found a few items by trial and error, manual, and these forums, and would like to confirm my findings:

  • Addresses placed in the honeypot blacklist have no effect if the email is not also added to the authorized to whitelist, due to filter order.
  • You can put email addresses on the TO blacklist, with the :honeypot option and it basically has the same effect except it does not need to be on the TO whitelist.  So basically the honeypot tab is not needed at all.
  • You can not use both a :honeypot and :null option on a single email address, only one option per email?
  • When an IP is added to the honeybotblockedIP list, it affects only the domain using the black listed email.  Other domains would not be effected.
  • Once an IP is added to the honeypotblockedips, it never expires (never is a long time!)

I can just see some company adding former employees to the honeypot list, then the former employee get his daily email from CNN and CNN ends up getting blacklisted and blocks CNN for all domains on the server.  That type of thing would be bad.

Does anyone see any errors with my findings?


Edited by yapadu - 13 March 2009 at 4:08am
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.107 seconds.