-
Notifications
You must be signed in to change notification settings - Fork 351
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Honeypot detection #91
Comments
Is there a way to detect that address is a Honeypot? |
tbh I don't have a clear idea how to do it either. But other email validation services provide it, so it could be good to investigate how they do it. I guess it'll be based on some heuristics. An idea could also be to include in the binary a moderately-sized txt file with honeypot addresses. |
Honeypots are like normal addresses, you can check that address is spam trap with sending one email and waiting for listing your ip/etc.. in blacklist OR you can have database of spamtraps, so just filter them out |
waiting to being blacklisted seems bad idea... |
Can I pick this up? I have a few ideas based on some assumptions. Every HoneyPot has an OpenRelay (they are trying to trap so all bets are off). We can essentially detect if it is an open relay or not, instead of trying to detect if it's honeypot. Instead of giving a definite BOOL we can return a confidence score based on these conditions. These assumptions are based on testing multiple open source honeypot providers. What do you think @amaury1093 ? |
Nice, I'd definitely like to see a PR, though I'll need to test it thoroughly first before merging into production code. Confidence score sounds good. |
would be cool to do this, but I'm not sure how |
Does email address under test hide a honeypot?
The text was updated successfully, but these errors were encountered: