Techniques for researchers & law enforcement

Increasingly, anti-spam efforts have required co-ordination between law enforcement, researchers, major consumer financial service companies and Internet service providers, all of whom need evidence of e-mail spam, identity theft and phishing in order to track and monitor the risks and activities involved.

Honeypots

Another approach is simply an imitation MTA which gives the appearance of being an open mail relay, or an imitation TCP/IP proxy server which gives the appearance of being an open proxy. Spammers who probe systems for open relays and proxies will find such a host and attempt to send mail through it, wasting their time and potentially revealing information about themselves and the source of the spam to the entity that operates the honeypot, which is unexpectedly alert in comparison to the careless or unskilled operator the spammer anticipates being in charge of an open-relay MTA. Such a system may simply discard the spam attempts, submit them to DNSBLs, or store them for analysis.
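The imitation open relay described above, as an added Python example that is not part of the original text: it answers every relay request with a success code, records who connected and what they tried to send, and delivers nothing. The class names, the hostname mail.example.test, the loopback port 2525 and the JSON-lines output are assumptions made for illustration.

```python
import json, socketserver, time

# Assumed for illustration: hostname, port and record layout are not from the page.
class RelayHoneypotSession:
    """One SMTP dialogue: accepts every relay request, delivers nothing."""
    def __init__(self, peer_ip):
        self.record = {"peer": peer_ip, "ts": time.time(), "helo": None,
                       "mail_from": None, "rcpt_to": [], "data": ""}
        self.in_data = False

    def feed(self, line):
        """Take one client line, return the reply to send (None = stay silent)."""
        if self.in_data:
            if line == ".":                       # end-of-message marker
                self.in_data = False
                return "250 2.0.0 Ok: queued"     # claim success, keep the evidence
            self.record["data"] += line + "\n"
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.record["helo"] = arg
            return "250 mail.example.test"
        if verb == "MAIL" and arg.upper().startswith("FROM:"):
            self.record["mail_from"] = arg[5:].strip()
            return "250 2.1.0 Ok"
        if verb == "RCPT" and arg.upper().startswith("TO:"):
            self.record["rcpt_to"].append(arg[3:].strip())  # any domain appears to relay
            return "250 2.1.5 Ok"
        if verb == "DATA":
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        if verb == "QUIT":
            return "221 2.0.0 Bye"
        return "502 5.5.2 Command not recognized"

class Handler(socketserver.StreamRequestHandler):
    def handle(self):
        session = RelayHoneypotSession(self.client_address[0])
        self.wfile.write(b"220 mail.example.test ESMTP\r\n")
        for raw in self.rfile:
            reply = session.feed(raw.decode("latin-1").rstrip("\r\n"))
            if reply:
                self.wfile.write(reply.encode() + b"\r\n")
                if reply.startswith("221"):
                    break
        print(json.dumps(session.record), flush=True)   # one JSON record per session

if __name__ == "__main__":
    socketserver.ThreadingTCPServer(("127.0.0.1", 2525), Handler).serve_forever()
```

Each stored record holds the connecting address, the claimed HELO name, the envelope sender and recipients, and the message body, which is the material an operator would discard, report to a DNSBL, or keep for analysis.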