BLOG

Spamtraps

May 25, 2010 by in Industry

There is a lot of mythology surrounding spamtraps, what they are, what they mean, how they’re used and how they get on lists.

Spamtraps are very simply unused addresses that receive spam. They come from a number of places, but the most common spamtraps can be classified in a few ways.

  • Addresses that used to belong to someone and subsequently abandoned. This is where a lot of spamtraps at major ISPs come from.
  • Addresses that were never assigned to anyone, but they just started receiving spam one day. These are frequently used to drive filtering.
  • Addresses that were created and put on websites to track harvesters and web scrapers.  These addresses are frequently used to drive filters and track spammers.

Addresses that belonged to someone and were abandoned are usually “turned off” for a period of time between abandonment and re-purposing as a spam trap. They may return a 550 “user unknown” to any sender, or in some cases the entire domain will have no working mailserver. There are no hard and fast rules for how long the addresses are left unused, but most professionals leave them off for at least a year.

Addresses that were never assigned to anyone are not as common as they used to be. It used to be that some small or mid-size domain owners would turn on their SMTP server to accept all email to any address at that domain, existing or not. Mail to addresses that were not associated with a user would be stored. As the volumes of random mail increased, the spamtraps were used to drive filtering and blocking decisions. This is not as common now because the sheer volume of spam can create bandwidth and storage problems for domain owners.

Addresses that were seeded on websites, or on Usenet, are used for a number of purposes. These addresses often wind up on lists because someone has purchased addresses.

Spamtraps on a mailing list or in a database is a sign that there is some problem with the address acquisition process. As a result, the solution to spamtraps on a list is never just remove the available spamtraps. Instead, you need to figure out what broke and correct the underlying issues.

3 comments

  1. Jon Stanesby says

    Great summary Laura! You are so right. Just removing spam traps (if you can identify them) is not a solution – it is merely sticking a metaphorical plaster on the wound. Tackling bad acquisition practices and latterly data hygiene of long standing inactive users (e.g. no opens/no clicks in 18months etc..) will help to organically minimise the number of spam traps hiding in your list.

    May 26, 2010, 4:28 am
  2. Spamtraps mean your list is bad – Word to the Wise says

    […] Spamtrap Mythology […]

    April 11, 2012, 1:01 pm
  3. Brian says

    A client using SendGrid for post-action emails has hit 6 Hotmail spam traps in the past 72 days. The only emails being sent via SendGrid are to email addresses that signed up on their website within the last 90 seconds. Instances like this make me scratch my head.

    We have no way of determining which addresses those are, or who is entering them.

    April 11, 2012, 3:30 pm

Comment:

Your email address will not be published. Required fields are marked *

The importance of data hygieneEmail lost a valuable voice

  • OTA joins the ISOC

    The Online Trust Alliance (OTA) announced today they were joining forces with the Internet Society (ISOC). Starting in May, they will operate as an initiative under the ISOC umbrella. “The Internet Society and OTA share the belief that trust is the key issue in defining the future value of the Internet,” said Internet Society President and CEO, Kathryn Brown. “Now is the right time for these two organizations to come together to help build user trust in the Internet. At a time when cyber-attacks and identity theft are on the rise, this partnership will help improve security and data privacy for users,” added Brown.No Comments

  • Friday blogging... or lack of it

    It seems the last few Friday's I've been lax on posting. Some of that is just by Friday I'm frantically trying to complete all my client deliverables before the weekend. The rest of it is by Friday I'm just tired. Today had the added complication of watching the Trumpcare debate and following how (and how soon) it would affect my company if it passed. That's been a bit distracting, along with the other stuff I posted about yesterday. I wish everyone a great weekend.1 Comment

  • Indictments in Yahoo data breach

    Today the US government unsealed an indictment against 2 Russian agents and 2 hackers for breaking into Yahoo's servers and stealing personal information. The information gathered during the hack was used to target government officials, security employees and private individuals. Email is so central to our online identity. Compromise an email account and you can get access to social media, and other accounts. Email is the key to the kingdom.No Comments

Archives