Spamtraps: what are and how recognize them

We continue our path to improve e-mail deliverability. In the older posts we talk about technic to improve deliverability, how to keep high ip reputation, what are and how set SPF and DKIM records and how not do phishing. Today we write about spamtrap.

Spamtrap are spoof e-mail addresses create expressly by blacklist providers. They are used for understanding if contacts lists are legally create or if you have bought them. It is illegal sending newsletter to contacts without express consent! If you send your communication to one of those e-mails, blacklists will tag you as a spammer and your ip will be blacklisted. So you should notice a decrease of your performances.


The most common types of spamtrap are:

1 inactive and reused e-mail contacts: e-mail providers often transform e-mail addresses that are no longer used into a spamtrap. Contacts are often past and copy in many list online, so, when you buy one, is very common that some of the contacts in those lists are spamtrap.

Kloudymail has an inner spamtrap list. If you import a lists with one of these e-mail addresses your list will be frozen and you can’t send any communication (unless you send us the permission of this address to receive your newsletter).

2 Spoof address: spammer use crawler, software that can automatically collect e-mail addresses published on different websites. As they have collected a good amount of addresses, they use the addresses to send illegal communication (spam) or the lists are sold to other companies.

Blacklists provider oppose bot’s work inserting some spoof address in websites’ HTML codes. This addresses are hidden for users but not for a crawler. When a spammer send his communication to one of those e-mails, blacklist tag the sender as a spammer. Consequences are a decrease of your deliverability or the stop for your ip and server.


Most of providers used for sending e-mail marketing campaigns, such as Kloudymail, not allow the import of this kind of lists because they are very unprofessional: the contacts are not so updated, or worse, illegally collected and sold as valid addresses.

Finding spamtrap here is very common, for the reason we speak above, so it’s important to check those databases before sending them newsletter.


When you import a list in Kloudymail and it is frozen is very probably that there are some spamtrap in it. It often happens even if you import your private database, that you create in all your years of business.

System addresses: if your list is frozen is possible that there are in it some of system addresses typically used as domain registration, hosting, etc. Those addresses are hardly used for newsletter submission. So these kinds of e-mail are present in illegally lists because lot of suppliers don’t clean them well enough and built their database with crawler.

Addresses that submit a form with single opt-in: when you insert a form on your website, you have two choices: you can choose the single or the double opt-in for the newsletter submission.

With the single opt-in, e-mail addresses will be inserted directly in a list as active contacts; using the double opt-in it is necessary that users confirm e-mail addresses before being activated. Double opt-in guarantees the validity of the e-mail address and a clean list. Sometimes, for technical reason, you choose the single opt-in. This choice, however, let users to insert fake data (users very often like to stay anonymous).

P.s. Sometimes blacklists create bot that can insert data automatically in all that form that haven’t CAPTCHA or the ones that don’t have the double opt-in. In this way blacklist could insert in your database some spamtrap to verify if you send valid communication with the permission of your contacts.


 In order to be sure that you have clean lists that don’t contain spamtrap, we suggest you to follow those tips:

1 First of all, never buy database if you are not 100% sure of their source

2 Make all your submission form safe, asking the confirmation of all addresses. Maintain in your list only the certificate addresses (you can contact the ones you consider suspicious via private e-mail). If you think that the double opt-in is too much complicated you have to check all the contacts that submit your form.

3 We suggest you to clean your list after every campaigns, considering bounces.

4 A way to obtain valid e-mail addresses is simplify contact form: ask users only the data you really need for your communication. If the form is too much longer you could frighten or bother the users and they will insert fake data.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *