Home / Blogs

Catching Spam Email with Project Honey Pot

Since its launch in October, 2004 Project Honey Pot has made some interesting progress in their war against spam email. The project is a distributed system used to identify spammers and spambots operating across the Internet. To put it simply, Project Honey Pot lays millions of traps around the Internet (66,393,293 as of this writing) baited with specific email addresses that are configured to forward received emails to the Project Honey Pot system. Since these are not email addresses used by real individuals virtually every email received is positively identified as spam.

Looking at their statistics it is hard not to be impressed with the effectiveness of this system: 85,989,816 spam servers identified; 1,546,419,133 unique spam messages processed through their system. Those may seem like huge numbers but in the scope of the Internet as a whole it is only a fraction of the mail flowing around the Internet. Recent estimates put global Internet mail traffic at ?294 billion messages per day, or more than 2.8 million emails sent every second—that’s 90 trillion emails per year. Unfortunately, those same estimates show that 90% of these messages contain some form of spam or malware content.

Spam remains one of biggest problems facing the Internet today. While dealing with spam and unsolicited commercial email (UCE) is annoying to say the least, the true burden is in the cost to corporations in bandwidth, delayed email, and employee productivity. The corporate mail server has become the new battleground in the war against spam. The typical Internet consumer often believes incorrectly that their Internet Service Provider (ISP) has a handle on the problem of spam. But Spam is a world-wide problem, however, and email systems around the world are not designed or configured in a consistent manner or managed to the same standards. Without any type of unified coordination or anti-spam standards there is no effective means to stem the growing tide of spam email, and the spammers know it.

To help tackle the spam issue, the information and statistics collected by Project Honey Pot are put to good use. The data is collated, processed, and shared with not only the participants in the project but with law enforcement, as well. As they state on the project web site, “Harvesting email addresses from websites is illegal under several anti-spam laws, and the data resulting from Project Honey Pot is critical for finding those breaking the law.” Additionally, they periodically collate the spam data collected and share it with anti-spam developers and researchers. It is obvious that the team behind the project is serious about not only identifying and shutting down the sources of spam content on the web but also in locating and prosecuting the people responsible for it.

According to the statistics provided by the project web site, enough processing power current exists in the project to monitor an estimated 547,625,000,000 spam traps. Given the number currently monitored there is plenty of room for growth, and given the amount of spam we continue to see in our inboxes each day it is apparent the project needs more participants to continue the research and fight against spam email.

If you operate a web site it is easy to join the project. Simply visit the Honey Pot Project website at http://www.projecthoneypot.org. While it is free to join the project, you must be an official member to host a honey pot address on your web site or to access and contribute data.

Given the benefit to the global Internet community—and the impact the project can have—I would go so far as to say that web site operators should look at this not as an opportunity, but as a responsibility, to serve the community we participate in every day.

By Mike Dailey, IT Architect and Sr. Network Engineer

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byVerisign


Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC