Fight the scourge of spam with spamtraps

by Stephane

SPAMTRAP, anti-spam filtering tool

IT security professionals offer a wide range of solutions to combat spam. Unfortunately, it’s not uncommon for false positives to find their way into the user’s inbox, and false negatives to be blocked by the spam filter. Spamtrap is used not only to detect spam, but also to identify spammers. It is highly effective in identifying unknown sources of spam.

What is spamtrap?

Spamtrap is an email address specially set up to attract spam. Since spamtrap is fictitious, it cannot be used to communicate. No e-mails will be sent from this address. To create spamtraps, the mail server administrator can choose from several methods at his or her convenience. There is no limit to the number of spamtraps you can create.

Create your own spamtraps

First, there’s the basic method of address creation. Spamtraps will take the form of: piegespam2@nomdomaine.fr, piegespam12@nomdomaine.fr, spamtrap@nomdomaine.fr, aetbk@nomdomaine.fr, qdgjds.drpp@nomdomaine.fr, etc…

Despite their effectiveness, these spamtraps can immediately attract the attention of professional spammers. For companies, the administrator can create a spamtrap address using the names of phantom persons who do not exist in the company: marie.vence@nomdomaine.fr, pet.lagois@nomdomaine.fr, pierre.cadin@nomdomaine.fr, jeanyves.villier@nomdomaine.fr, etc. The only problem with this kind of spamtrap is that the fictitious addresses created run the risk of interfering with an existing or future email address.

Those who choose the automated method opt for common first and last names to create their spamtraps. So you might come across an e-mail address for John Smith or Emile Durand. To limit the risk of collision, especially in corporate environments, the mail server administrator should use a different convention. One example is pnom@nomdomaine.fr, which consists of the first letter of a first name followed by the surname.

The binary method is certainly the simplest. Simply create a specific domain name for all company or user spamtraps. In this way, the risk of collision will be avoided. What’s more, all emails received in these inboxes can be immediately classified as spam. What’s more, this method is less expensive for the company or user.

The method is very effective, but takes a little time to develop. For a certain period of time, the user will have to accept all e-mails received at fictitious e-mail addresses. Then he’ll have to open the messages one by one, so as to load the HTML code on a secure, isolated workstation. The aim is to let spammers know that your e-mails have been read.

Use of spamtraps

To enable spamtraps to do their job properly, it’s important to publish the e-mail addresses corresponding to the spamtrap and to place them in the right places: web page comment areas, online discussion groups, pages specially created for spamtraps, etc. As soon as the spambot, a software program that collects data created by spammers, passes through, the spamtraps will be automatically integrated into their databases.

Like any anti-spam technology, it has its limits when taken independently. At ALTOSPAM, we use it in combination with other anti-spam methods.

Test Altospam’s solutions!

Thousands of companies, CTOs, CIOs, CISOs and IT managers already trust us to protect their e-mail against phishing, spear phishing, ransomware, …