Article 169969 of comp.os.vms:
In article <1997May14.125623.1013@tachyon.com>, wayne@tachyon.com-kill-spam-it-sux (Wayne Sewell) writes:
[stuff deleted]
>
> I don't think my web pages are the problem, though they do contain my email
> address. The pages have fairy traps enabled and they don't appear to have been
> triggered, except on one occassion.
Several people have asked me what fairy traps are. In hindsight, I should have
explained the term at the time, since it's not in wide use. My only excuse is
that I was not fully awake at the time (a common problem for people who post to
usenet :-) ).
A fairy trap is a bogus email link in a web page, using an email address that
doesn't actually exist at your site. The link does not have any corresponding
display information, so it cannot be seen just looking at the page. It is
visible to the robots, however, since they look at the HTML source. I normally
use robot_nemesis@tachyon.com for this. If a webcrawler robot is harvesting
email addresses, it should include the bogus address in the mailing list as
well. Then if you actually get spam mail addressed to the bogus user, you know
that the fairy trap was triggered and that your web page is being abused.
Someone just looking at the page can't use these mail links, since they aren't
visible or clickable, so it has to be a spambot. If the username is
completely bogus, the mail can't be delivered, so I use a forwarding entry in
vms mail to forward the message to me.
I found another cute trick along the same lines in one of the anti-spam pages.
In addition to using a bogus address at your own site, use
"mailto:postmaster@[127.0.0.1]" for a link. It gives me great entertainment to
think that one of these bozos might spam his own postmaster. Of course, that
wouldn't do anything at a rogue spam-farm site like cyberpromo, or any site
that is a customer of the rogue ISP agis.net, where the postmaster would be in
cahoots with the spammer. However, it might make a difference if the spammer
merely has an account at a legitimate site. I usually hit the other obvious
local addresses also, such as abuse, root, webmaster, info, sales, support,
system, etc, and throw in "screwup_mailbot@[127.0.0.1]" just for laughs. Of
course, some spambots can probably filter addresses like this out, so it's
uncertain whether this tactic is effective. Unfortunately, there's no way to
find out if it worked or not, since the mail would be local to the spammer's
site.
The basic fairy trap should work though, because it looks like a legitimate
address.
One can only hope.
Anyway, I have the following at the bottom of my main web pages.
As you can see, there is no text field associated with these, so there is
really nothing to see and nothing to click if you are just looking at the page.
The spambot probably doesn't notice that, though.
As far as where the term "fairy trap" comes from, let me first say that it has
nothing to do with sexual orientation. The fairies in question are the
original kind, with wings. There was a science fiction novel back in the 80s
in which fairies were a nuisance, always flapping around in everyone's face,
and fairy traps were invented to get rid of them. A fairy trap was a complex
mechanism with lots of moving parts and flashing lights that fascinated and
hypnotized the fairies. Attracted from miles around, they congregated around
the traps and just sat there with glazed eyes.
In a similar fashion, the web page fairy trap attracts the spambots and keeps
them occupied with gathering useless email addresses.
Wayne
--
===============================================================================
Wayne Sewell, Tachyon Software Consulting (214)553-9760 wayne@tachyon.xxx
http://www.tachyon.xxx/www/tachyon.html and wayne.html
change .xxx to .com in addresses above, assuming you are not a spambot :-)
===============================================================================
C3PO(during Falcon liftoff): "I'd forgotten how much I hate space travel."