What Is A Spamtrap?

Spamtrap email addresses are “dummy” (but fully functional and deliverable) email addresses used for the express purpose of attracting spam. Any messages hitting these addresses are considered unsolicited bulk email. To summarize:

  • A spamtrap is a valid, deliverable email address that is exclusively used to receive unsolicited email
    • Incoming messages are monitored by human or automated processes
  • They may be virginal (i.e. a new email address) or re-purposed (i.e. previously used by a person)
  • Appearance-wise, they may be indistinguishable from any normal email address

Who Creates Them?

Spamtraps are developed by a range of entities with an interest in “canning spam”, including:

  • ISPs & mailbox providers (e.g. Verizon, Comcast, AOL, Microsoft, etc.)
  • Companies selling spam-filtering services (e.g. Barracuda, Trend Micro, etc.)
  • Nonprofits and volunteer groups (e.g. Spamhaus, Project Honeypot, etc.)
  • Individual anti-spam crusaders

Why Should a Legitimate Marketer Care About Spamtraps?

The answer lies in the unintended consequences of trap operations. In an effort to catch illegal spamming operations, traps sometimes ensnare legitimate marketers

How does this happen? It’s a question of origin. Spamtraps are not all alike. There are generally two types of traps:

  1. Pristine spam traps: Some are brand new email addresses created just to lure spam.
  2. Recycled spam traps: ISPs and spam-filter companies often use abandoned and expired email addresses as traps. When an address goes inactive and gets recycled into spam trap, it is “quarantined” for a period of 1-2 years. During this time it appears to be a bouncing email address to any outside senders. After the quarantine period, the address gets launched as a spamtrap. The assumption is, at this point, any legitimate sender would have purged it from their list.

How Many Spamtraps are There?

Hundreds of millions or more! New traps are created 24/7/365. For example, one operator, Project Honeypot, has a constantly updating counter on their site indicating how many traps they themselves monitor, and it’s currently approaching 400 million.

Are They Evil?

No! They are a valuable component of our email ecosystem. That’s because they provide critical insight into the behaviors and electronic fingerprints of true spammers. The spam filtering technology we all depend upon for a cleaner inbox often utilizes insights gleaned from traps.

It’s probably best to think of the email addresses like spiders… you recognize their importance but you certainly don’t want them popping up in undesired locations.

What Happens If I Send Email To One?

As a marketer or ESP, it’s bad news if you send an email to a spamtrap. What happens next has a lot to do with:

  • The trap operator
  • The quantity of their traps you hit
  • The number of times you email the same traps; and
  • The content of what you mailed.

Possible outcomes include:

  • Nothing: The operator may ignore the email entirely or just record what you sent in case it happens again.
  • Flag similar messages as spam. The spam operator may decide to deliver other emails that look like yours to their customers’ spam folders.
  • Block similar messages. Your mailserver’s IP or domain may start seeing blocks / delivery rejections from the domain(s) managed by the spam trap operator.
  • Delete similar messages. In extreme cases, the operator may make the decision to protect their user base and delete all mail incoming from your mailserver IP or domain.
  • List you – Your mailserver’s IP, your domain, or more may appear on a blacklist, and other mail operators who watch that list may also take any of these listed actions as well.

Are You Hitting Spamtraps?

Usually your ESP will let you know if you message a trap. Here are two other options:

1.) Use a blacklist monitoring service

2.) Keep a close eye on your marketing outcomes

Are you seeing a decrease in your key performance metrics? If so, it’s likely you’re having an email deliverability problem related to hitting a trap. Remember, the dip could be within a single domain/ISP).

How Bad Could One Spamtrap Be?

Hitting one or two spam traps a few times could bring down your entire email program. Blacklisting organizations with legitimate goals to protect consumers from spam have been known to penalize even large companies with established reputations in email marketing.

Getting off a blacklist can sometimes require executing an agreement with the blacklist provider. In many cases, marketers agree to pare down their list to only those individuals who have opened and clicked through on their emails in the last 3-6 months. We’ve seen this happen with a Fortune 100 company whose list went from over 10 million names to under 500,000 – ouch!

How Marketers Get Spamtraps On Their List

  • Bad data. The vast majority of lists for sale contain spam traps, many of which were the result of scraping (aka ‘harvesting’) email addresses off the Internet. Thus, the adage ‘don’t buy a list’ is sound advice. Sometimes unbeknownst to you, the source or vendor you utilized to help you build your list is filling your database with low quality bought or scraped addresses.
  • Bad list management. Conscientious email marketers message their list routinely and carefully suppress bounces and unsubscribes from future sends. Failure to follow these best practices may result in you messaging re-purposed traps.
  • Bad luck. It is possible that traps enter your list accidentally through your regular signup process. Some trap networks operate off the typo domains of major ISPs. As result, traps can end up in your list simply because of sloppy key stroking.
  • Poisoning. Spammers or competitors will intentionally register known spam trap email addresses in an effort to get the marketer in trouble or discredit the spam trap provider.

SOLUTION: Living Free From Spamtrap Fears

Marketers who want to live a spam trap-free life should follow these three tenets:

  1. Formalize best practices. Don’t buy lists. Don’t scrape the internet for email addresses. Scrutinize your vendors and data sources carefully. Also, always remember to suppress bounces and unsubscribes.
  2. Routinely message. Be sure you are actively utilizing your email addresses. If you aren’t touching every address on your list at least a few times a year, you may fail to notice when an address goes bad. This can be a precursor to it becoming re-purposed as a trap.
  3. Run routine list hygiene. Work with an industry expert to help you regularly scrutinize your email list for typos and traps. You can implement an API at the point of acquisition, do quarterly reviews, or set up for automated monthly monitoring. Trace any problems upstream and fix (or remove) that acquisition source.