Ingenious email-harvester honeypot

Merlin Mann outlines an ingenious procedure for identifying spammers' email-harvesters' IP addresses and user-agents:

In each page I serve, I include a bogus email address, encoded with the date of access as well as the host IP address and embedded in a comment. [Apache's server-side includes are great!] This has allowed me to trace spam back to specific hosts and/or robots.

One of the first I caught with this technique was the robot with the user agent "Mozilla/4.0 efp@gmx.net", which always seems to come from argon.oxeo.com – it's identified it above as simply rude.

Link

Discuss