BLOG

What about the spamtraps?

I’ve been slammed the last few days and blogging is that thing that is falling by the wayside most. I don’t expect this to change much in the very short term. But, I do have over 1200 blog posts, some of which are still relevant. So I’ll be pulling some older posts out and sharing them here while I’m slammed and don’t have a lot of time left over to generate new content.

Today’s repost is a 2015 post about spamtraps.

Spamtraps are …

… addresses that did not or could not sign up to receive mail from a sender.

… often mistakenly entered into signup forms (typos or people who don’t know their email addresses).

… often found on older lists.

… sometimes scraped off websites and sold by list brokers.

… sometimes caused by terrible bounce management.

… only a symptom …

… of a bigger problem with address collection.

Removing spamtraps …

… just means you’ve removed the spamtraps you know about.

… may mean you have a spamtrap free list …

… until you start adding new addresses to it.

… does not fix mail going to addresses belonging to other people.

… does not guarantee good delivery.

… ignores the underlying issues.

Why do people take spamtraps so seriously?

A lot of this is historical and some of it is to avoid arguments. Just about any sender, when told they’re sending mail to someone who didn’t ask for it will respond “But we only send opt-in mail! That person is wrong! They signed up!!” I’ve had this happen to me more times than I can count.

I’ve even had clients come to me in the past where I’ve been able to dig into my own mailbox to affiliate spam. This is always a fun conversation.

spammailboxMe: Here are a dozen examples of the mail your affiliates sent to me in the last month.

Client: All our affiliates send opt-in mail. They’ve assured us of this.

Me: This is an email address only ever published on a website / not used since 2001 to sign up for anything / untagged so it’s not something I would have given them.

Client: Our vendors say you’re wrong. Would you like to hop on a call with them so they can tell you when you opted in?

The calls have happened and vendors have argued with me about whether or not I opted in to receive stuff from them. It tends to end up them claiming I opted in to mail and me telling them I did not. Sometimes they tell me I just forgot – except all my actual opt ins are tagged addresses and have been since roughly 1999, so if you’re not mailing a tagged address, I never gave it to you. Sometimes they tell me I opted in to some company they purchased back in the late 90s and therefore they had permission to send to me.

The discussions are never productive. They are so fixated on their business story, that they will duck and weave and tell me I’m wrong about the spam they are sending me.

This is why people focus on spamtraps!

With spamtraps there isn’t the discussion of whether or not someone signed up. There’s no account owner, no one who has this address and could have signed up. Even in the case of recycled traps, the addresses generally bounced for a while telling senders there was no account owner there. Focusing on spamtraps on a list deflects the back and forth argument about whether or not the sender has permission to send mail they’re sending.

But spamtraps aren’t the problem!

In fact, I was just talking to one of the Spamhaus volunteers who told me “I hate the modern day focus on traps.” I agree. We focus on traps because it deflects and diffuses a lot of the arguments about whether or not someone opted in. But that means we don’t address a lot of real issues, either. If there are spamtraps on a list, then that list has problems. Focusing on removing the traps doesn’t resolve the problems, it just focuses on the traps. That tends to lead to a cleanup strategy that doesn’t do what the sender thinks it does.

Spamtraps are the symptom!

If there are spamtraps on a list, then there are also addresses that go to a person who never opt-in on that same list. Focusing on fixing the problems that led to the spamtraps getting on the list then cleaning off addresses that aren’t performing leads to better overall delivery and fewer problems. Focusing on getting rid of spamtraps may, but may not, fix a SBL listing. Maybe. But it’s my experience that fixing a SBL listing may only resolve a small fraction of delivery problems. Getting off the SBL by trying to address spamtraps, will not fix bulk foldering or temp fails are major webmail providers.

Focusing on improving overall list hygiene and really making sure that mail is wanted and expected by the recipients generally will resolve both the SBL listing and fix the other delivery problems that are happening because of poor data and poor list hygiene.

I’ve written about spamtraps before. 

 

2 comments

  1. Mathieu says

    Hello Laura,
    I agree with you that trying to rid a list of traps is at best an inproductive use of time, and can at worst cause an interisting symptom to disappear (thus making diagnosys of deliverablity issues more challenging).
    But I still sometimes find a use in identifying traps as, with some clients that are ready to improve their practices, it can help in identifying underlying issues. I just had such a case last week where, by focusing on some identified traps we found out that the clients system had a bug where it would enter a false “last open date” on some adresses under specific conditions. By fixing this issue we both got “naturally” rid of the trap adresses, but more importantly are working on getting a cleaner program overall in terms of practices.
    As you say, traps are only a symptom, but I think they can be one of the more interesting and useful, especially as they are one of the few “black or white” symptom (you either have or don’t have traps) in a trade that deals a lot in “grey areas”.

  2. Moliverability says

    Hi Laura, people focus on the traps because it is the reason they get off blacklists and temporary blocklists of ISPs. Many are still in the mindset of volume = king.
    No one likes to hear that their list size is being cut down because it is useless now since it’s many years old.

Comment:

Your email address will not be published. Required fields are marked *

  • OTA joins the ISOC

    The Online Trust Alliance (OTA) announced today they were joining forces with the Internet Society (ISOC). Starting in May, they will operate as an initiative under the ISOC umbrella. “The Internet Society and OTA share the belief that trust is the key issue in defining the future value of the Internet,” said Internet Society President and CEO, Kathryn Brown. “Now is the right time for these two organizations to come together to help build user trust in the Internet. At a time when cyber-attacks and identity theft are on the rise, this partnership will help improve security and data privacy for users,” added Brown.No Comments


  • Friday blogging... or lack of it

    It seems the last few Friday's I've been lax on posting. Some of that is just by Friday I'm frantically trying to complete all my client deliverables before the weekend. The rest of it is by Friday I'm just tired. Today had the added complication of watching the Trumpcare debate and following how (and how soon) it would affect my company if it passed. That's been a bit distracting, along with the other stuff I posted about yesterday. I wish everyone a great weekend.1 Comment


  • Indictments in Yahoo data breach

    Today the US government unsealed an indictment against 2 Russian agents and 2 hackers for breaking into Yahoo's servers and stealing personal information. The information gathered during the hack was used to target government officials, security employees and private individuals. Email is so central to our online identity. Compromise an email account and you can get access to social media, and other accounts. Email is the key to the kingdom.No Comments


Archives