The true facts of spam traps and typo traps

I’m seeing an increase in the number of articles stating wildly wrong things about spam traps. Some have started claiming that typo traps are new. Or that typo traps are newly used by Spamhaus. These claims make for great copy, I guess. Wild claims about how the evil anti-commerce self-appointed internet police are actively trying to trap marketers get clicks. These claims also reinforce the martyr complex some senders have and gives them something to commiserate about over drinks at the next email conference.
I strongly recommend ignoring any article that claims Spamhaus started using typo traps in December 2012. In fact, you can immediately dismiss absolutely everything they have to say. They are wrong and have proven they can’t be bothered to do any fact checking.
I can’t figure out why so many people repeat the same false statements over and over and over again. They’re wrong, and no amount of explaining the truth seems to make any difference. I went looking for evidence.
First, I asked on Facebook. A bunch of my contacts on Facebook have have been running spam traps for a long time. Multiple people commented that they, personally, have been using typos to track spam since the late ’90s. These typos were on both the right hand side of the @ sign (the domain side) but also on the left hand side of the @ sign (the username).
Then, I looked through my archives of one of the anti-spam mailing lists and I see a Spamhaus volunteer mentioning that he had already been using typo traps in 2007.  I asked him about this and he pointed out these are some of his older traps and had been around for many years before that mention. 
Of course, we’ve written about typo domains used by an anti-spam group to catch spam.
The truth is, typo traps are not new and they’re not a new set of traps for Spamhaus. I’ve talked about traps over and over again. But I’m seeing more and more articles pop up that make verifiably wrong statements about spam traps. Here are a few facts about spam traps.
 

  • Spamhaus has been using typo traps for much longer than December 2012.
  • Spamhaus is not the only group using typos to capture non-opt in mail.
  • Many traps, including at least some run by Spamhaus, actively reject every message sent to them.
  • Some traps reject some portion of the email sent to them.
  • A single hit to any trap doesn’t trigger a listing.

These are facts about spam traps that I’ve shared before. There are other facts about spam traps I’ve shared before.
I feel like I’m repeating myself over and over again. But the false information about spam traps seems to be shared much more widely than the actual facts.
 
 
 

DMARC and organizations
April: The month in email

Related Posts

Spamtraps are not the problem

Often clients come to me looking for help “removing spamtraps from their list.” They approach me because they’ve found my blog posts, or because they’ve been recommended by their ISP or ESP or because they found my name on Spamhaus’ website. Generally, their first question is: can you tell us the spamtrap addresses on our lists so we can remove them?
My answer is always the same. I cannot provide a list of spamtrap addresses or tell you what addresses to remove. Instead what I do is help clients work through their email address lists to identify addresses that do not and will not respond to offers. I also will help them identify how those bad addresses were added to the list in the first place.
Spamtraps on a list are not the problem, they’re simply a symptom of the underlying data hygiene problems. Spamtraps are a sign that somehow addresses are getting onto a list without the permission of the address owner. Removing the spamtrap addresses without addressing the underlying flaws in data handling may mean resolving immediate delivery issues, but won’t prevent future problems.
Improving data hygiene, particularly for senders who are having blocking problems due to spam traps, fixes a lot of the delivery issues. Sure, cleaning out the traps removes the immediate blocking issue, but it does nothing to address any other addresses on the list that were added without permission. In fact, many of my clients have discovered an overall improvement in delivery after addressing the underlying issues resulting in spamtraps on their lists.
Focusing on removing spamtraps, rather than looking at improving the overall integrity of data, misses the signal that spamtraps are sending.

Read More

Open relays

Spamhaus wrote about the return of open relays yesterday. What they’re seeing today matches what I see: there is fairly consistent abuse of open relays to send spam. As spam problems go it’s not as serious as compromised machines or abuse-tolerant ESPs / ISPs/ freemail providers – either in terms of volume or user inbox experience – but it’s definitely part of the problem.
I’m not sure how much of a new problem it is, though.
Spammers scan the ‘net for mailservers and attempt to relay email through them back to email addresses they control. Any mail that’s delivered is a sign of an open relay. They typically put the IP address of the mailserver they connected to in the subject line of the email, making it easy for them to mechanically extract a list of open relays.
We run some honeypots that will accept and log any transaction, which looks just like an open relay to spammers other than not actually relaying any email. They let us see what’s going on. Here’s a fairly typical recent relay attempt:

Read More

What causes Spamhaus CSS listings

Today’s Wednesday Question comes from Zaib F.

What causes the Spamhaus CSS listing in your experience other than Sender using multiple sets of IPs, to look as if they are a valid sender. Do you think a Spamtrap plays a role?

Read More