Tracking email address harvesters
Erich Schubert's two posts about embedding spamtraps in web pages got me wondering about trying to track the web crawlers that harvest such addresses.
If the pages that had the embedded spamtraps could be dynamically generated, it'd be interesting to generate email addresses that encoded the time of the crawl (well the page load I guess) and the IP address of the remote host.
I expect that most of the harvesting is done by botnets, so it possibly wouldn't tell you a lot, but it'd be kind of cool to maintain a central blacklist of known harvesting IP addresses, that sites like mailing list archives could use to try and block the harvesters with.
[] [tech/security] [permalink]