Spamtrap


A spamtrap is a honeypot used to collect spam.
Spamtraps are usually e-mail addresses that are created not for communication, but rather to lure spam. In order to prevent legitimate email from being invited, the e-mail address will typically only be published in a location hidden from view such that an automated e-mail address harvester can find the email address, but no sender would be encouraged to send messages to the email address for any legitimate purpose. Since no e-mail is solicited by the owner of this spamtrap e-mail address, any e-mail messages sent to this address are immediately considered unsolicited.
The term is a compound of the words "spam" and "trap", because a spam analyst will lay out spamtraps to catch spam in the same way that a fur trapper lays out traps to catch wild animals. The provenance of this term is unknown, but several competing anti-spam organizations claim trademark over it.

Industry uses

An untainted spamtrap can continue to collect samples of unsolicited messages that can be acted on by an automated anti-spam system. The automated system could instantly block any further e-mail messages with the same content, arriving for other e-mail addresses, because the messages would then be considered as bulk unsolicited e-mail, the typical definition of spam. Automation is considered "safe" because no legitimate email messages should be arriving to the spamtrap address.
The source IP address of a sender delivering e-mail to the spamtrap could also be added to a blacklist for source address blacklisting of e-mail.

Vulnerabilities

A spamtrap can also be a Usenet newsgroup whose sole purpose is to lure cross-posted spam. For example, the alt.sex.cancel newsgroup charter states that any article posted there may be cancelled immediately. Thus, a spammer who cross-posts an article to the entire alt.sex.* hierarchy, including alt.sex.cancel, will find that article is quickly cancelled.