A spam trap is an email address that is used to expose senders who add email addresses to their lists without permission. Spam traps are also effective in identifying email marketers with poor permission and list management practices.
Spam traps are never revealed by their owners because traps are a secret component of their spam filtering. If companies revealed their spam traps, senders would suppress the address of the spam traps and not work to improve their contact lists.
There are several types of spam traps.
Classic or pristine spam traps
Classic spam traps are email addresses that are not assigned to users but receive email. In some cases, these addresses use domains that accept mail to any address (wildcard domains).
Seeded traps are email addresses that are created and deliberately scattered, or seeded, in various places online. Typically, they are hidden on websites, in source code, or sometimes dropped into unsubscribe forms.
These traps tell the trap owner that the sender is either scraping addresses or is buying lists from someone who is scraping addresses. The traps are good for identifying sources that send mail without permission or don't honor unsubscribe requests.
Message ID traps
Many address scrapers look for any string with an @ sign in it. Running scrapers over a web search or usenet search finds valid addresses and message IDs, which are spam traps. Email to these traps tells the trap owner that the sender is scraping addresses or buying lists from someone who is.
This type of address is almost never input into forms, so they make good "pure spam" traps.
Some viruses also scrape addresses, including message IDs, from machines that they infect.
Typo domain traps
These traps use domains that are similar to common domains, such as yaaho.com, gnail.com, or homail.com. Email to these traps tells the trap owner that the sender is trying to send mail to a contact but mistyped the address. Typically, these traps aren't pure spam traps and can contain real mail, so are generally weighted accordingly.
Dead address traps
Dead address traps are previously valid email addresses that are turned off. All email to these addresses is rejected with a hard bounce for some time, often 12 months or more. After consistently rejecting email, the addresses are silently turned back on as spam traps.
Dead address traps are useful for ISPs to weed out senders with poor list hygiene. If a sender is email to an address that bounces for months and then is unengaged, it is a red flag.
Dead domain traps
Trap owners purchase expired domains and collect mail that comes into them. In many cases, these domains are turned off for some period, either hard bouncing mail or not resolving in DNS.
These email addresses belong to a real user. They are used for real mail, but the owners use the unsolicited mail that comes into those addresses to make blocking decisions.
Domain registration addresses
Registration (or role account) addresses are a special case of live traps. These addresses, which are published in "whois" records, are frequently harvested and mailed.
These email addresses are created and submitted to senders. The goal of the trap is not to catch senders who are behaving badly, but to monitor sender traffic. These traps can be used to catch addresses that were stolen or sold. Some block lists also use these addresses to confirm that a sender is using confirmation on their list.
How to avoid spam traps
- Don't purchase or rent lists from third-party vendors.
- Remove role accounts if present. Find out how they got into the list.
- Remove bounced and invalid addresses.
- Segment data by responsiveness and age.
- Segment and remove inactive addresses.
- Confirm subscriptions and use double opt-in.
What to do if you are blocked
Stop sending email to that recipient or ISP immediately and open a trouble ticket with the Acoustic Campaign Customer Support.
For more information, see the MAAWG white paper Help - I'm On A Blocklist.