Spamtraps

September 3, 2017

If you’ve spent any significant time in the email industry, you know that the subject of spamtraps makes some marketers cringe. Spamtraps are not out to get you and if you follow a few good practices, they won’t be too much of a problem.

There are quite a few excellent posts out there about spamtraps, yet this is a topic that often comes up with our customers. Let’s talk about the what, why and how.

What are spamtraps?

Spamtraps are email addresses that for multiple reasons, receive lots of unsolicited email. Depending on who runs the spamtraps, the email is archived, analyzed and mined for relevant information to improve anti-spam defenses. For DNS blacklists or better content analysis rules, spamtraps are a valuable data source.

Spamtrap operators want their spamtraps to remain unknown to spammers. This is why evidence collected by the traps is heavily redacted to prevent them from knowing how are they being caught over and over again.

The idea is to prevent spammers from learning which It’s kind of the same argument why police doesn’t want you to know where their checkpoints are.

While there are quite a few spamtraps that are single email addresses, most spamtraps are whole domain names. Most of them are domains that expired, abandoned by their former owners. Others are typos, domain names matching common misspellings of well known domain names.

There are traps whose addresses are dynamically generated and placed in web pages, so that scrapping bots will snatch them. Since each specific web visit generates a unique set of addresses, the spamtrap operator can correlate the scrapping activity with the spam content. Clever, huh?

Why are there spamtraps?

Spamtraps exist as a way to harvest information about spammers and their methods with the intent to further improve our anti-spam filters. By way of example, most DNS blacklists feed from spamtraps to identify spam sources and other useful characteristics. This is an incomplete but interesting list of well-known examples:

  • Spamhaus ZEN uses data from spamtraps as an important ingredient in their secret sauce.
  • SURBL and URIBL analyze spamtrap data to identify URLs in the message’s content.
  • Microsoft uses spamtrap hits as part of their assessment on your sending IP reputation, an important factor in deciding whether you deliver to the inbox or to the ether.

Don’t forget that there is actual people in charge of the ISP’s email infrastructure. That people often operate their own spamtraps that undoubtedly carry a very strong weight on deliverability. A client of ours who wishes to remain anonymous once had lots of trouble sending to a specific ISP precisely because of this.

How do I avoid spamtraps?

Most spamtrap operators know a great deal about the dynamics of the email industry and this usually shows in their processes and methods. They do understand the issues that may arise regarding their spamtraps and more often than not, have workarounds in place to minimize errors, a.k.a. false positives.

There are two important pieces of advice deriving from sensible mailing practices.

First, do pay attention to your hard bounces. After a small number of delivery attempts over a few days, any email address bouncing with a permanent error message must be discarded. Full stop. This is one of the most common issues we find when working with our prospects and clients. This is important because when domain names are being converted to spamtraps, common practice is to configure them so that a permanent failure is reported for any email delivery.

The second piece of advice is to always use Confirmed Opt In, that is, obtain a positive acknowledgement from the recipient before you start mailing regularly. Spamtrap operators know that mistakes do happen. People will go to your website and type in the wrong email address. Happens all the time, right?

So they have filters that discard your first few messages, as there are supposed to be the confirmations. Keep mailing that address and your mail will become another statistic.

We offer Email reputation recovery services to assist you in these and other cases where past mistakes have affected your email performance.

Do you have more questions about spamtraps or anything else email related? In that case, see you in Twitter.