How to publish honeypot addresses?

Example honeypot page screenshot


Honeypots (spamtraps) in ORF are email addresses that you publish specifically as baits for spammers. Anyone sending to the honeypots is considered malicious and as such, banned temporarily from the server.

The tricky part is the publication: you need to place these honeypot addresses where spammers can find them.

This article gives you a few tips how to make and publish your own honeypots.

Creating honeypot addresses

A honeypot address can be anything in your domain, from [email protected] to [email protected]. We have a few recommendations to follow:

Note: you do not need to create actual mailboxes for the honeypot email addresses.

Publishing honeypots

You can get as creative as you want when it comes to publishing, just make sure that

Addresses are harvested from several sources, including the web (forums, your blog or website), Directory/Dictionary Harvest Attacks and worm-infected computers (mail archives, address books).

The easiest way is to publish the honeypot addresses on your website and wait for address harvester robots to come and pick them up. The rest of the article will try to give you a few ideas how to do this.

Note that it may take a while for spammers to find your honeypot addresses.

Honeypot Example Package / 25kB / May 12, 2009
Honeypot example package, contains (X)HTML, CSS and a JPG files and instructions.

Tip: Use example package

You can download an example web package from the link below.

The package contains (X)HTML, CSS and a JPG file and instructions on inserting your honeypot addresses. A link to this page must be placed on your website—it's OK, the link can be hidden from the regular visitors. Open readme.txt to learn more.

Tip: Add honeypots as hidden text to your web page

This tip requires some HTML knowledge. You can hide any HTML element with the CSS property "display". The following block will not be rendered in the web browser:

<div style="display: none;">
    Contact our <a href="[email protected]">Honeypot department</a> if you are
    <a href="[email protected]">desperate</a> to get blacklisted.

A similar trick is to use the same background and foreground color, but in this case your visitors will see what is hidden if they highlight the text.

No matter what link-hiding technique you choose, other web spiders like Google may index and show the hidden content in search hits. By creating a separate page with indexing disabled you can reduce the chance for such issues.

Tip: If you have a blog, publish a dedicated Honeypots entry

Explain the readers what the post is about, then pour in your honeypot addresses.

hnp1 | hnp2