Spamtrap
From Wikipedia, the free encyclopedia
A spamtrap is a honeypot used to collect spam.
Spamtraps are usually e-mail addresses that are created not for communication, but rather to lure spam. In order to prevent legitimate email from being invited, the e-mail address will typically only be published in a location hidden from view such that an automated e-mail address harvester (used by spammers) can find the email address, but no sender would be encouraged to send messages to the email address for any legitimate purpose. Since no e-mail is solicited by the owner of this spamtrap e-mail address, any e-mail messages sent to this address are immediately considered unsolicited.
The term is composed of the common words "spam" and "trap", because a spam analyst will lay out spamtraps to catch wild spam in the same way that a fur trapper lays out traps to catch wild animals. Who originally coined this term is unknown, but several competing anti-spam organizations claim trademark over it [1] [2].
Spamtraps are, by some, considered controversial due to the problems with backscatter of e-mail into the spamtraps. Because many spammers forge the e-mail address of the sender, often based on the same list of e-email address that they send spam to, anyone who sends e-mail back to the claimed "sender" of the spam may be sending to the spamtraps. Many mail servers will do their spam filtering after they have completely accepted e-mail and send bounce messages back when the e-mail is rejected, which can cause backscatter. Instead, these mail servers should reject the e-mail during the sending process, which doesn't generate backscatter. Some e-mail marketers and mail list administrators do not use the confirmed opt in method to add new users to their mailing list and risk having the list of subscribers becoming poisoned with the spamtraps. Sometimes when a malicious person (a spammer, a competitor, an angry customer, etc.) discovers a spamtrap, they will sign up for a newsletter to poison it. Supporters of spamtraps do not consider list poisoning to be a major concern as most spamtrap administrators view all backscatter to be a problem, whether it is sent to a spam trap, or to an innocent victim who had their e-mail address forged.
[edit] Usenet
A spamtrap can also be a Usenet newsgroup whose sole purpose is to lure cross-posted spam. For example, the alt.sex.cancel newsgroup charter states that any article posted there may be cancelled immediately. Thus, a spammer who cross-posts an article to the entire alt.sex.* hierarchy, including alt.sex.cancel, will find that article is quickly cancelled.
[edit] Industry uses
An untainted spamtrap can continue to collect samples of unsolicited messages that can be acted on by an automated anti-spam system. The automated system could instantly block any further e-mail messages with the same content, arriving for other e-mail addresses, because the messages would then be considered as bulk unsolicited e-mail, the typical definition of spam. Automation is considered "safe" because no legitimate email messages should be arriving to the spamtrap address. Also, databases are maintained that list the computers which delivered the e-mail to the spamtrap to be able to restrict that computer's access to other e-mail addresses and/or servers.
A spamtrap becomes tainted when a third party discovers what the spamtrap e-mail address is being used for. Once this occurs, the third party could target the spamtrap by maliciously sending email to it or subscribing it to legitimate e-mail, giving the third party some control over the automated process of what is being considered bulk unsolicited e-mail by the anti-spam system.
