3

I am having catch-all mailboxes for a lot of domains. The mails I receive for them are either spam or have viruses or trojans attached.

So far I am just throwing them away, but I wondered if it wasn't possible to use the mailboxes as some kind of honeypot and forward them to a anti-spam foundation or virus trap if something like this exists!?

Do you know any service or organization I can forward all this scam / viruses to so they get detected and help reducing spam and scam on the internet?

Improve this question
2
  • Virus total is the general place for this.
    – schroeder
    Commented Mar 18, 2016 at 22:30
  • Forward them to me. Where can I contact you? I want ALL the virtual diseases!!!
    – Mark Buffalo
    Commented Mar 19, 2016 at 7:00

3 Answers 3

Reset to default
3

Your email provider will probably have a way for you to report spam for analysis, there are lots of organizations that fight spam and make internet a better place. Here are a few that allow you to submit spam for analysis:

you can use your favorite search engine and search for the term "submit spam" to get a list of sites that allow submission of spam for analysis.

Improve this answer
3

At my company we have our own mail gate and spam filter (Barracuda) as well as ESET. Both of these feed largely on said type of data sets. However if you want to help the "internet" and the larger picture (thanks by the way :)) then please check out project honey pot. Free and open source this project is literally focused on exactly what you described. I use this tool almost everyday.

You can track attachments, ip, host, oh and they even have sample messages from mail servers deemed as spam cannons.

In my opinion this is the closest I have found for "greater good" of the Internet...

https://www.projecthoneypot.org

front end for project honey pot

Improve this answer
1

There are a number of companies and services which will accept this sort of data and use it to improve their database of virus/malware/spam signatures. for example, have a look at virustotal or some of the web based anti-spam and anti-malware services. Many CERT organisations will also accept such information, especially if your a member, as will many anti-virus vendors as it is all valuable input for their products.

In general, you need to verify the email or atachment is not already recognized by the service you plan to send the sample to. For these services and vendors, they don't want to be swamped by too many messages all with the same information. This is where a CERT can be useful as they may do that checking before passing it off. CERTS will often pass it off to multiple organisations as well.

If your a CERT subscriber, I would start there. If not, I would start with contacting your anti-virus/malwarespam vendor and asking if they would be interested and then I would look at some of the open source or free service providers and see if they can use your data. In addition to virusTotal, brightcloud and PhisTank would be worth checking out

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .