New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Best TLD for malware honeypot email domain?
As my Dionaea honeypot is failing to receive any samples I'm considering buying a domain name then post the a "catch" email around the web in order to catch spam which could lead to sites containing malware (then submit to vt, analyse etc).
Anyone here have experience with this? Any suggestions? I'm going to try it with a dot.tk name first, but do spammers bother sending to addresses at .tk names?
Probably .com would be the best for this?
Comments
spamandhack.me
honeypo.to
.com, .net, .eu. Even on my .be (i'm Belgian) i have lots of spam.
just post your honeypot here...
I'd rather not have it linked to my account, just because..
If you've ever owned a domain for a while which you've never used for email, just add a catchall address to it. And if you've owned it for a few years, much better.
Create a fake account through a VPN through that server and start posting here (with link in sig?)
Create a fake account through a VPN through that server and start posting here (with link in sig?)
PM me the IP, then I'll try to give some anonymous hints to those open relay seekers to hit your honeypot. You might need to rate limit the incoming connections.
I've gotten literally 0 spam on my .xyz domain.
0 spam on .im domain(~2yr) and .bz(~6mo) so far
lots of spam attempts on .is
I think it depends on where you leave your addresses in the public. Why would anyone send you spam if they don't know of your address? Sign up for everything and anything to get things rolling.
Use a gTLD, since relatively easy access to their zone files result in lots of lists flying about, you're more likely to get seen.
Usually when I check my catch-all inbox, I'm seeing a lot mails for non existing users and they're mostly like either trying word @ domain OR aa ab ac a... @ Domain
So I think maybe using a dictionary word as domain name on a com/net/org might work better for those spamming a....les who use common/dictionary words to generate new mails.
Also, you should try to add your email on as many public sites as you can.
I have a mail server on a .cf domain and it's just hammered with attempts, and was from the day I started it. Perhaps the Freenom domains are a magnet. It'll cost you nothing to find out.
will look into this, thanks!
spamme.email is available