Page 1 of 1
Project HoneyPot
Posted: 14 Jun 2017 16:18
by nicola.piazzi
It can be useful to weite a plugin that query for this database using the given key
https://www.projecthoneypot.org/httpbl_api.php
Re: Project HoneyPot
Posted: 27 Jul 2017 12:44
by efa-user
Would this be for the web interface, to prevent potentially malicious scripts from being able to attempt to log in?
Or are you suggesting that hosts which appear to be crawling websites are probably also going to be sending spam, and thus this data should be fed into SA?
Re: Project HoneyPot
Posted: 28 Jul 2017 11:11
by wilbourne
Put a reverse proxy in front of your web application
like this :
https://www.vultureproject.org/ and this is a waf server
Re: Project HoneyPot
Posted: 31 Jul 2017 12:12
by pdwalker
efa-user, no it's a tool used to recognize the IP of spam harvesters, so mail coming from these addresses are more likely to be spam.
It's yet another tool to add weighting to help determine if mail is junk or not.
Re: Project HoneyPot
Posted: 09 Aug 2017 14:14
by efa-user
so basically "that hosts which appear to be crawling websites are probably also going to be sending spam, and thus this data should be fed into SA" ?
Re: Project HoneyPot
Posted: 27 Sep 2017 07:43
by ovizii
not sure that projecthoneypot fits in here, apparently is does report 4 categories of IPs. Email Spammers specifically are not in there.
Value Meaning
0 Search Engine
1 Suspicious
2 Harvester
4 Comment Spammer