Spamtrap

Last updated

A spamtrap is a honeypot used to collect spam.

Spamtraps are usually e-mail addresses that are created not for communication, but rather to lure spam. [1] [2] In order to prevent legitimate email from being invited, the e-mail address will typically only be published in a location hidden from view such that an automated e-mail address harvester (used by spammers) can find the email address, but no sender would be encouraged to send messages to the email address for any legitimate purpose. Since no e-mail is solicited by the owner of this spamtrap e-mail address, any e-mail messages sent to this address are immediately considered unsolicited.

Contents

The term is a compound of the words "spam" and "trap", because a spam analyst will lay out spamtraps to catch spam in the same way that a fur trapper lays out traps to catch wild animals. The provenance of this term is unknown, but several competing anti-spam organizations claim trademark over it.

A portmanteau or portmanteau word is a linguistic blend of words, in which parts of multiple words or their phones (sounds) are combined into a new word, as in smog, coined by blending smoke and fog, or motel, from motor and hotel. In linguistics, a portmanteau is defined as a single morph that represents two or more morphemes.

Industry uses

An untainted spamtrap can continue to collect samples of unsolicited messages that can be acted on by an automated anti-spam system. The automated system could instantly block any further e-mail messages with the same content, arriving for other e-mail addresses, because the messages would then be considered as bulk unsolicited e-mail, the typical definition of spam. Automation is considered "safe" because no legitimate email messages should be arriving to the spamtrap address.

The source IP address of a sender delivering e-mail to the spamtrap could also be added to a blacklist for source address blacklisting of e-mail.

Vulnerabilities

Opt-in email is a term used when someone is given the option to receive email. Typically, this is some sort of mailing list, newsletter, or advertising. Without obtaining permission before sending email, the email is unsolicited bulk email, better known as spam.

Usenet

A spamtrap can also be a Usenet newsgroup whose sole purpose is to lure cross-posted spam. For example, the alt.sex.cancel newsgroup charter states that any article posted there may be cancelled immediately. Thus, a spammer who cross-posts an article to the entire alt.sex.* hierarchy, including alt.sex.cancel, will find that article is quickly cancelled.

Usenet worldwide distributed Internet discussion system

Usenet is a worldwide distributed discussion system available on computers. It was developed from the general-purpose Unix-to-Unix Copy (UUCP) dial-up network architecture. Tom Truscott and Jim Ellis conceived the idea in 1979, and it was established in 1980. Users read and post messages to one or more categories, known as newsgroups. Usenet resembles a bulletin board system (BBS) in many respects and is the precursor to Internet forums that are widely used today. Discussions are threaded, as with web forums and BBSs, though posts are stored on the server sequentially. The name comes from the term "users network".

See also

Project Honey Pot is a web-based honeypot network. It uses software embedded in web sites. It collects information about the IP addresses used when harvesting e-mail addresses in spam, bulk mailing, and other e-mail fraud. The project also solicits the donation of unused MX entries from domain owners.

Address munging is the practice of disguising an e-mail address to prevent it from being automatically collected by unsolicited bulk e-mail providers. Address munging is intended to disguise an e-mail address in a way that prevents computer software from seeing the real address, or even any address at all, but still allows a human reader to reconstruct the original and contact the author: an email address such as, "no-one@example.com", becomes "no-one at example dot com", for instance.

The term list poisoning refers to poisoning an e-mail mailing list with invalid e-mail addresses.

Related Research Articles

Spamming unsolicited electronic messages especially advertising messages

Spamming is the use of messaging systems to send an unsolicited message (spam), especially advertising, as well as sending messages repeatedly on the same site. While the most widely recognized form of spam is email spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social spam, spam mobile apps, television advertising and file sharing spam. It is named after Spam, a luncheon meat, by way of a Monty Python sketch about a restaurant that has Spam in every dish and where patrons annoyingly chant "Spam!" over and over again.

Open mail relay

An open mail relay is an SMTP server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers.

The Spam Prevention Early Warning System (SPEWS) was an anonymous service which maintained a list of IP address ranges belonging to Internet service providers (ISPs) which host spammers and show little action to prevent their abuse of other networks' resources. It could be used by Internet sites as an additional source of information about the senders of unsolicited bulk email, better known as spam.

A Domain Name System-based Blackhole List (DNSBL) or Real-time Blackhole List (RBL) is an effort to stop email spamming. It is a "blacklist" of locations on the Internet reputed to send email spam. The locations consist of IP addresses which are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists. The term "Blackhole List" is sometimes interchanged with the term "blacklist" and "blocklist".

Various anti-spam techniques are used to prevent email spam.

alt.sex is a Usenet newsgroup – a discussion group within the Usenet network – relating to human sexual activity. It was popular in the 1990s. An October 1993 survey by Brian Reid reported an estimated worldwide readership for the alt.sex newsgroup of 3.3 million, that being 8% of the total Usenet readership, with 67% of all Usenet "nodes" carrying the group. At that time, alt.sex had an estimated traffic of 2,300 messages per month.

CAN-SPAM Act of 2003

The Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003, signed into law by President George W. Bush on December 16, 2003, established the United States' first national standards for the sending of commercial e-mail and requires the Federal Trade Commission (FTC) to enforce its provisions.

TMDA is an open-source software application designed to reduce the amount of junk email a user receives. TMDA's main difference from other anti-spam systems is the use of a controversial challenge/response system that bulk mailing machines and programs are either unwilling or unable to answer.

Email spam unsolicited electronic advertising by e-mail

Email spam, also known as junk email, is unsolicited messages sent in bulk by email (spamming).

Sender Policy Framework (SPF) is an email authentication method designed to detect forged sender addresses in emails, a technique often used in phishing and email spam.

A joe job is a spamming technique that sends out unsolicited e-mails using spoofed sender data. Early joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against them, but they are now typically used by commercial spammers to conceal the true origin of their messages and to trick recipients into opening emails apparently coming from a trusted source.

Spambot Wikimedia disambiguation page

A spambot is a computer program designed to assist in the sending of spam. Spambots usually create accounts and send spam messages with them. Web hosts and website operators have responded by banning spammers, leading to an ongoing struggle between them and spammers in which spammers find new ways to evade the bans and anti-spam programs, and hosts counteract these methods.

Disposable email addressing, also known as DEA or dark mail, refers to an approach where a unique email address is used for every contact or entity. The benefit is that if anyone compromises the address or utilises it in connection with email abuse, the address owner can easily cancel it without affecting any of their other contacts.

Email harvesting is the process of obtaining lists of email addresses using various methods. Typically these are then used for bulk email or spam.

SORBS is a list of e-mail servers suspected of sending or relaying spam. It has been augmented with complementary lists that include various other classes of hosts, allowing for customized email rejection by its users.

A challenge–response system is a type of spam filter that automatically sends a reply with a challenge to the (alleged) sender of an incoming e-mail. It was originally designed in 1997 by Stan Weatherby, and was called Email Verification. In this reply, the sender is asked to perform some action to assure delivery of the original message, which would otherwise not be delivered. The action to perform typically takes relatively little effort to do once, but great effort to perform in large numbers. This effectively filters out spammers. Challenge–response systems only need to send challenges to unknown senders. Senders that have previously performed the challenging action, or who have previously been sent e-mail(s) to, would be automatically whitelisted.

Backscatter is incorrectly automated bounce messages sent by mail servers, typically as a side effect of incoming spam.

People tend to be much less bothered by spam slipping through filters into their mail box, than having desired e-mail ("ham") blocked. Trying to balance false negatives vs false positives is critical for a successful anti-spam system. As servers are not able to block all spam there are some tools for individual users to help control over this balance.

A cold email is an unsolicited e-mail that is sent to a receiver without prior contact. It could also be defined as the email equivalent of cold calling.

References

  1. "What is the SpamCop Blocking List". spamcop.net. Retrieved 15 September 2015.
  2. "Whats is a Spamtrap & What Happens When you Send to One?". FreshAddress.com. Retrieved 5 February 2018.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.