List poisoning
From Wikipedia, the free encyclopedia
The term list poisoning as related to electronic mail (e-mail), refers to poisoning a mailing list with invalid e-mail addresses.
Contents |
[edit] Industry uses
Once a mailing list has been poisoned with a number of invalid e-mail addresses, the resources required to send a message to this list has increased, even though the number of valid recipients has not. If one can poison a spammer's mailing list, one can force the spammer to exhaust more resources to send e-mail, in theory costing the spammer money and time.
Poisoning spammer's mailing lists is usually done by posting invalid email addresses in a Usenet forum or on a web page, where spammers are believed to harvest email addresses for their mailing lists. If using a dynamically generated web site for poisoning, the web site could link to itself infinitely, theoretically causing a spammer's mailing list to be substantially poisoned.
[edit] Vulnerabilities
- Syntactically invalid email addresses used to poison a mailing list could be easily filtered out by the spammers, while using email addresses that are syntactically correct could cause problems for the mail server responsible for the email address.
- Implementations of spam poisoning systems can be avoided, if spammers learn of their location.
- Spammers often steal resources so that the efficiency of a mailing places little financial burden on the spammer.
[edit] Implementations
List poisoning code written in Perl is available [1].
List poisoning code written in PHP is available [2].
An example of list poisoning using a shared CGI at a public URL is available [3] (Implemented on 1,470,000 sites).
[edit] See also
Spamming | |
|---|---|
| General | History of spamming · Network Abuse Clearinghouse |
| E-mail spam | Address munging · Bulk email software · Dictionary spamming · Directory Harvest Attack · DNSBL · Spambot · Pink contract |
| Spam over other protocols | Autodialer · Flyposting · Messaging spam · Mobile phone spam · Newsgroup spam · Telemarketing · VoIP spam |
| Anti-spam techniques | Disposable e-mail address · E-mail authentication · SORBS · SpamCop · Spamhaus · List poisoning · Bayesian spam filtering |
| Spamdexing | Keyword stuffing · Google bomb · Scraper site · Link farm · Webring · Cloaking · Doorway page · URL redirection · Spam blogs · Sping · Forum spam · Blog spam · Referer spam |
| Internet fraud | Advance fee fraud · Lottery scam · Make Money Fast · Microcap stock fraud · Phishing · Vishing |
