gloomytrousers.co.uk

wpoison-gt

The original wpoison, by Ronald F. Guilmette, is a CGI script that generates random web content containing made-up e-mail addresses; the idea is that spammers' web crawlers, which trawl web sites looking for e-mail addresses, stumble upon it and start adding these made-up e-mail addresses to their lists. This either forces the spammer to dump the entire list or manually clean it (if they notice the poisoning) or waste their resources trying to spam non-existent e-mail addresses (if they don't).

However, the original version suffers from a number of problems:

The content generated is in a fixed format which is trivial to identify.
The usage restrictions specify that all installations must have a link to the wpoison site on their homepage; this makes it trivial for a crawler to skip any sites that have this.
It is possible to determine if the script is in use by requesting a made-up URL inside the wpoison 'site' - wpoison will return content for anything, and never return a 404 error.
Requesting the same page several times results in totally different content each time, unlike a real site.
The content generated is devoid of punctuation and other formatting, with a limited set of HTML markup, making it easier to identify as bogus.
There is no limit to the amount of e-mail addresses the script will issue to a single crawler; a sudden large number of new e-mail addresses may arouse the spammers' suspicion early on.
Also because there is no limit, badly-written but legitimate crawlers may get 'stuck' in the 'site', increasing the load on the server unnecessarily.

So, in light of this, I produced an amended version, wpoison-gt, which does not suffer from issues 1 and 5. Full changes:

The order of output of words, links and e-mail addresses is now randomised in the response.
The various parts of the <head> are included/excluded at random (apart from the robots meta tag, which is always included), and output in a random order.
Output includes various HTML tags so it looks more like a real page; there's also some randomly-sprinkled punctuation.
Indents and newlines in head and body are randomised.
Output is now more-or-less-valid XHTML, styled with CSS.
We now sleep() for a short time before any of the body is output, rather than right at the end, just in case over-zealous crawlers start fetching the links we send before we've finished output. There's also occasional random sleep()s while we do output.

However, the orifinal author is no longer maintaining wpoison, and does not wish to incorporate my modifications, so I am distributing it here. This script is based on the original wpoison code, and is suitable for use as a drop-in replacement, so the original installation instructions should all still apply. Please note the original licence still stands (this release is not made under the GPL), including the requirement to link to the original wpoison site - see the comments in the code.

I may eventually rewrite the script from scratch to address all of the remaining issues, so the perl version presented here is unlikely to be updated further. The new version will be released here as time/interest permits.

You can see this version of the script in action - the output has a pleasing Vogon poetry feel to it. Compare the HTML source, structure and variety of the output to the original version.

wpoison-gt-0.1.tar.gz (v0.1, 26 May 2007, 5.2KB)