Best TLD for malware honeypot email domain?

pylode Member

As my Dionaea honeypot is failing to receive any samples, I'm considering buying a domain name then posting a "catch" email around the web in order to catch spam which could lead to sites containing malware (then submit to vt, analyse etc).

Anyone here have experience with this? Any suggestions? I'm going to try it with a dot.tk name first, but do spammers bother sending to addresses at .tk names?

Probably .com would be the best for this?

Comments

  • spamandhack.me

  • rokok Member

    honeypo.to

  • .com, .net, .eu. Even on my .be (I'm Belgian) I have lots of spam.

  • just post your honeypot here...

    Thanked by 1 Mitchfizz05
  • pylode Member

    @cloromorpho said:
    just post your honeypot here...

    I'd rather not have it linked to my account, just because.. :)

  • Traffic Member

    If you've ever owned a domain for a while which you've never used for email, just add a catchall address to it. And if you've owned it for a few years, much better.

  • @smooch1502 said:
    I'd rather not have it linked to my account, just because.. :)

    Create a fake account through a VPN through that server and start posting here (with link in sig?) ;)

  • PM me the IP, then I'll try to give some anonymous hints to those open relay seekers to hit your honeypot. You might need to rate limit the incoming connections.

    Thanked by 1 Connorl
  • Rallias Member

    I've gotten literally 0 spam on my .xyz domain.

  • 0 spam on .im domain(~2yr) and .bz(~6mo) so far

  • 4n0nx Member
    edited May 2015

    lots of spam attempts on .is

  • Corey Member

    I think it depends on where you leave your addresses in the public. Why would anyone send you spam if they don't know of your address? Sign up for everything and anything to get things rolling.

  • ricardo Member
    edited May 2015

    Use a gTLD; since relatively easy access to their zone files results in lots of lists flying about, you're more likely to get seen.

  • Nomad Member

    Usually when I check my catch-all inbox, I'm seeing a lot of mails for non-existing users, and they're mostly either trying word @ domain OR aa ab ac a... @ Domain

    So I think maybe using a dictionary word as domain name on a com/net/org might work better for those spamming a....les who use common/dictionary words to generate new mails.

    Also, you should try to add your email on as many public sites as you can. :D
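
The two patterns Nomad describes (dictionary words and aa/ab/ac sequences), set against a planted "catch" address like the one in the opening post, let a catch-all operator tell harvested addresses from guessed ones. This is an added example, not code from the thread; the domain, the seeded local part, the wordlist and the sample recipients are constructed assumptions.

```python
from collections import Counter

# Assumptions (hypothetical): honeypot domain, the planted "catch" address,
# and a tiny wordlist standing in for a real dictionary file.
DOMAIN = "example.test"
SEEDED = {"catch"}
WORDS = {"info", "admin", "sales", "contact", "support", "webmaster", "office"}

SAMPLE_RCPTS = [  # constructed sample: envelope recipients in arrival order
    "aa@example.test", "ab@example.test", "ac@example.test", "ad@example.test",
    "info@example.test", "Sales@Example.test", "catch@example.test",
    "zx@example.test", "someone@elsewhere.test", "j.smith1984@example.test",
]

def local_parts(rcpts, domain=DOMAIN):
    """Lower-cased local parts of recipients addressed to our domain."""
    pairs = (addr.strip().lower().rpartition("@") for addr in rcpts)
    return [local for local, _, dom in pairs if local and dom == domain]

def _index(s):
    """Base-26 value of an a-z string: 'aa' -> 0, 'ab' -> 1, ..."""
    n = 0
    for ch in s:
        n = n * 26 + ord(ch) - ord("a")
    return n

def enumeration_runs(lps, min_len=3):
    """Runs of consecutive short a-z local parts (aa, ab, ac ...) in arrival order."""
    runs, cur = [], []
    for lp in list(lps) + [""]:  # empty sentinel flushes the final run
        short = lp.isascii() and lp.isalpha() and len(lp) <= 3
        if short and cur and len(lp) == len(cur[-1]) and _index(lp) == _index(cur[-1]) + 1:
            cur.append(lp)
            continue
        if len(cur) >= min_len:
            runs.append(cur)
        cur = [lp] if short else []
    return runs

def classify(rcpts):
    """Count recipients by how the sender most likely obtained the address."""
    lps = local_parts(rcpts)
    enumerated = {lp for run in enumeration_runs(lps) for lp in run}
    counts = Counter()
    for lp in lps:
        kind = ("seeded" if lp in SEEDED else "enumeration" if lp in enumerated
                else "dictionary" if lp in WORDS else "other")
        counts[kind] += 1
    return dict(counts)
```

Hits on the seeded address indicate it was scraped from wherever it was posted; enumeration and dictionary hits arrive regardless of where the address was published.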

  • Ole_Juul Member
    edited May 2015

    I have a mail server on a .cf domain and it's just hammered with attempts, and was from the day I started it. Perhaps the Freenom domains are a magnet. It'll cost you nothing to find out.

    Thanked by 1 linuxthefish
  • pylode Member

    @Ole_Juul said:
    I have a mail server on a .cf domain and it's just hammered with attempts, and was from the day I started it. Perhaps the Freenom domains are a magnet. It'll cost you nothing to find out.

    will look into this, thanks!

  • sleddog Member

    spamme.email is available :)
