Spam Traps Explained and

How to Avoid Them

As an email professional, you’re bound to hit spam traps
from time to time. That’s okay hiccups happen! But, what’s
not okay are the deliverability issues that can arise as a
result of spam trap hits. That’s why we’re here to help
explain spam traps and give you recommendations on
how to remediate associated deliverability issues.

What is a Spam Trap?

At the most basic level, a spam trap is an email address that accepts mail, but is not owned by a real person.
It is used to detect bad list management practices, from email acquisition to bounce management. Traps
almost always do not engage with emails, though this is not 100% adhered to across all providers.

Both security providers and data management companies typically operate a large number of traps as a so-
called ‘Spam Trap Network’, sometimes also referred to as a ‘sensor network’.

Spam Trap Networks can be largely divided into two categories:

Operational Networks Commercial Networks

Operational networks actually block mail based Commercial networks do not block mail based
on their trap hits, meaning they won’t send your on their traps but use their traps to gain more
mail if you hit one of their traps. An example of information. Companies like SparkPost have
this is Spamhaus. They are very secretive about commercial networks with the purpose of sharing
their traps and don’t typically share any details details about hits to help optimize and empower
on hits. Anyone who tells you they can identify their senders to identify practical issues. These
these traps for you is not a legitimate service. hits are not sold and used to generate blocks but
are more of are a ‘canary in a coal mine’ to identify
likely issues with operational networks.

sparkpost.com
 Types of Spam Traps

1. Typo 2. Pristine
A Typo trap is an email address that is hosted on Pristine Traps are email addresses that have
a domain that looks like a real mailbox provider, never had real active mailboxes associated with
like like “wayne.campbell@gmai.com”. them. They are published and embedded into
websites so that poor list acquisition processes
Typo traps usually end up on your list when a or spammy senders can be easily identified.These
real person tries to sign up for your mailings but traps are considered the most serious since
makes a mistake when entering in their email they are indicative of very bad list acquisition
address. These addresses signal that you should practices, as there is no legitimate way that a
work to simplify and optimize your sign up flow. pristine could have entered a list.
We don’t see these as pristine hits since they are
most likely caused by human error, which leads us Classifying Typo traps, which are easily explained
into the next type. by human error, as Pristine traps make networks
that confuse the two materially less useful than
those that approach it strictly and qualify Typo
3. Recycled
Traps separately.

Recycled Traps are emails/domains that

previously were a legitimate recipient, but went
fully idle (not accepting mail) for a period of
4. Parked
time (typically at least a year) before being A Parked trap is not actually a trap, but behaves
repurposed as a trap. These are not only linked to like one and can also be indicative of list
poor acquisition issues, but also indicate that you maintenance issues. Domains are ‘parked’ at a
may not be removing unengaged recipients from registrar or monetization site (like namecheap or
your list, a very serious list maintenance concern. above.com). Other parked domains get ‘leased
out’ to commercial trap providers as part of their
trap networks. This practice captures similar ‘un-
5. Mixed leased’ domains.

In passive networks like our own, addresses

are classified as pristine, typo or recycled. But,
sometimes our data is indeterminate. When that’s
the case we classify them as ‘mixed’, meaning
they are either pristine or recycled.

sparkpost.com
 Sources of Traps

1. GTN Active 2. GTN Passive

This is an active trap network that SparkPost This is a passive trap network that SparkPost
operates. The addresses that are in this network operates. Our research team has used passive
are both owned and managed by SparkPost. We techniques on the sending traffic that goes
receive any mail that gets sent to these addresses. through the SparkPost network, combined with
GTN Active is comprised of typo, recycled, and publicly available information from Passive
pristine domains. The traps in GTN Active will not DNS providers to identify trap networks. This
affect your reputation but can be used to gauge has very high accuracy, particularly for the
the effectiveness of your list management and large commercial trap networks. We have
hygiene practices. mapped multiple commercial trap networks. We
combine this with both proprietary classification
techniques and historical DNS data to categorize
these traps as typo, pristine and recycled. The
3. Abusix GTN Passive network only provides information
to SparkPost sending or Signals customers.
Abusix is a respected independent security
provider who maintains an operational spam
trap network (pristine and recycled). Abusix
provides the missing piece in today’s network
security environment that allows for quick and
4. Cloudmark
reliable mitigation of network abuse and other Cloudmark is a respected independent security
cyber threats. Hundreds of service providers, provider who maintains an operational spam trap
enterprises, and cyber security product network (mixed). A trusted leader in intelligent
developers rely on Abusix to keep their networks threat protection against known and future
secure and their users safe. attacks, Cloudmark safeguards 12 percent of the
world’s inboxes and 20 percent of mobile accounts
from wide-scale and targeted email threats.

5. SNDS
Microsoft reports spam trap hits on their own
trap network as part of their SNDS service (Smart
Network Data Services). SNDS gives you the
data you need to understand and improve your
reputation at Outlook.com. We incorporate those
SNDS hits into our comprehensive views within
our Spam Trap Monitor feature in Inbox Tracker.

sparkpost.com
 Recommendations for Resolving Spam Trap Issues

Identify the Source or Remediate the Issue Communicate the

Mailstream That Has an Issue and Details of the
• Eliminate any recently
Issue purchased or rented lists and Remediation to the Trap
monitor resulting decline in Provider
• Check any recent changes to
spam trap hits.
your acquisition process. • Once you have identified and
• Improve your sign up process
• Stay away from purchased or resolved the cause you can
to:
rented lists. then reach out to the trap
- include an address
• Ensure all sign up processes owners and mitigate any
verification check for typos
include email verification. blocklists if necessary.
or hard bounces
• Protect your signup process • It is important that you
- require that the address
from bot activity. describe your findings and
be typed in twice to avoid
address typos the resolutions in detail then
- include reCAPTCHA on ask if there is anything else
your sign up forms to avoid you should do to resolve the
abuse. issue. This will then leave
• Use double opt in (spam it open for them to mitigate
traps will never confirm the or provide you with more
opt in). detailed information.

The Problem with ‘Hunting’ Traps - a Warning

A common practice amongst commercial spam trap customers is attempting to identify and ‘clean’ individual
addresses off a commercial trap list. Here’s why you shouldn’t do this:
1. Because commercial providers provide more details on the hits, this is generally not too challenging.
2. It’s counterproductive. ‘Hunting’ doesn’t do anything to address spam trap hits on Operational networks,
and can obscure early warnings that let you know Operational hits are likely happening.
3. Commercial networks should be used to identify issues with particular sources or mailstreams, which
should then be remediated holistically. This will not only cause your Commercial hits to go down, but will
reduce the Operational hits as well (which are the ones that really matter).

sparkpost.com