BLOG

Spamtraps

There is a lot of mythology surrounding spamtraps, what they are, what they mean, how they’re used and how they get on lists.

Spamtraps are very simply unused addresses that receive spam. They come from a number of places, but the most common spamtraps can be classified in a few ways.

  • Addresses that used to belong to someone and subsequently abandoned. This is where a lot of spamtraps at major ISPs come from.
  • Addresses that were never assigned to anyone, but they just started receiving spam one day. These are frequently used to drive filtering.
  • Addresses that were created and put on websites to track harvesters and web scrapers.  These addresses are frequently used to drive filters and track spammers.

Addresses that belonged to someone and were abandoned are usually “turned off” for a period of time between abandonment and re-purposing as a spam trap. They may return a 550 “user unknown” to any sender, or in some cases the entire domain will have no working mailserver. There are no hard and fast rules for how long the addresses are left unused, but most professionals leave them off for at least a year.

Addresses that were never assigned to anyone are not as common as they used to be. It used to be that some small or mid-size domain owners would turn on their SMTP server to accept all email to any address at that domain, existing or not. Mail to addresses that were not associated with a user would be stored. As the volumes of random mail increased, the spamtraps were used to drive filtering and blocking decisions. This is not as common now because the sheer volume of spam can create bandwidth and storage problems for domain owners.

Addresses that were seeded on websites, or on Usenet, are used for a number of purposes. These addresses often wind up on lists because someone has purchased addresses.

Spamtraps on a mailing list or in a database is a sign that there is some problem with the address acquisition process. As a result, the solution to spamtraps on a list is never just remove the available spamtraps. Instead, you need to figure out what broke and correct the underlying issues.

3 comments

  1. Jon Stanesby says

    Great summary Laura! You are so right. Just removing spam traps (if you can identify them) is not a solution – it is merely sticking a metaphorical plaster on the wound. Tackling bad acquisition practices and latterly data hygiene of long standing inactive users (e.g. no opens/no clicks in 18months etc..) will help to organically minimise the number of spam traps hiding in your list.

  2. Spamtraps mean your list is bad – Word to the Wise says

    [...] Spamtrap Mythology [...]

  3. Brian says

    A client using SendGrid for post-action emails has hit 6 Hotmail spam traps in the past 72 days. The only emails being sent via SendGrid are to email addresses that signed up on their website within the last 90 seconds. Instances like this make me scratch my head.

    We have no way of determining which addresses those are, or who is entering them.

Comment:

Your email address will not be published. Required fields are marked *

  • ReturnPath on DMARC+Yahoo

    Over at ReturnPath Christine has an excellent non-technical summary of the DMARC+Yahoo situation, along with some solid recommendations for what actions you might take to avoid the operational problems it can cause.No Comments


  • AOL problems

    Lots of people are reporting ongoing (RTR:GE) messages from AOL today.  This indicates the AOL mail servers are having problems and can't accept mail. This has nothing to do with spam, filtering or malicious email. This is simply their servers aren't functioning as well as they should be and so AOL can't accept all the mail thrown at them. These types of blocks resolve themselves. 1 Comment


  • Fixing discussion lists to work with new Yahoo policy

    Al has some really good advice on how to fix discussion lists to work with the new Yahoo policy. One thing I would add is the suggestion to actually check dmarc records before assuming policy. This will not only mean you're not having to rewrite things that don't need to be rewritten, but it will also mean you won't be caught flat footed if (when?) other free mail providers start publishing p=reject.No Comments


Archives