Electronic mail spam is becoming a greater problem and companies are demanding better techniques for addressing the problem. While some companies rely upon spam filters, blacklists, etc., at the enterprise level in order to delete spam e-mail as it comes in, some situations require a stronger countermeasure. Aggressive spammers will often use a deluge of spam in order to attack a company, and it is desirable to identify the computers used by the spammers and their corresponding IP (Internet Protocol) addresses so that the spam may be blocked.
One technique that is known is the use of a honey pot. A honey pot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally, a honey pot is a computer that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers. One may create a honey pot program that masquerades as a computer resource easily abused in order to discover spammer activity. Honey pots can be a powerful countermeasure to abuse from spammers. For example, a honey pot can reveal the apparent IP addresses of the spammer's computers and can provide bulk spam capture, which enables an operator to determine a spammer's URLs (Universal Resource Locators) and response mechanisms. It is also possible to determine the e-mail addresses spammers use as targets for their test messages, which are the tool they use to detect open relays.
Nevertheless, even when honey pots are used they might not be able to identify all malicious computers that might be in use by spammer. It would be desirable to be able to predict the reputation of a computer or its IP address in order to thwart future spam attacks.