A Honeypot is Just a Sweet Word for Spam
Carly Brantz, July 18, 2012 (Best Practices)

In the IT world, honeypots have a number of definitions depending on their usage, but with email, a honeypot means one thing – a trap. Honeypots are inactive email addresses set up specifically to catch spammers red-handed: these addresses are not used by real people and therefore never opted in to any email campaign. As a result, any mailer that sends to these addresses can be dubbed a spammer.

One of the most common ways that spammers obtain honeypot email addresses is by harvesting email addresses. They do this by:
• Purchasing or trading lists of email addresses from fellow spammers
• Using special software (spambots) to spider websites to source email addresses
• Guessing email addresses using common usernames for each targeted domain
• Offering a product or service for free in exchange for an email address
• Sending malicious email that scans your hard drive or network for email addresses

And the problem is big. Project Honey Pot is a non-profit organization working to track and stop email harvesting. They are currently monitoring over 88 million different spam trap addresses, and have thus far identified almost 140,000 harvesters, over 20 million dictionary attackers, and over 93 million spam servers. They publish a directory of malicious IPs with a breakdown by type – harvester, spam server, dictionary attacker and comment spammer. You can even look up an IP to see if it's suspect.

It’s important to note that even legitimate mailers can end up with honeypots on their email file. Regardless of your intent, sending unwanted email is a violation of the CAN-SPAM Act.
That’s why it’s important for you to:
• Closely monitor your email deliverability and perform regular list hygiene
• Check your response metrics and remove non-responders from your file in a timely fashion
• Validate email addresses and be sure to ask for permission before sending

Not doing so can result in your IP being blocked or blacklisted, which will compromise your email deliverability and response rates.
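
The hygiene steps above can be run as a routine pass over the email file. The sketch below is an added example, not code from the original post: the record fields (`opt_in_date`, `last_response`), the 180-day idle threshold and the address pattern are assumptions, and the sample file is constructed.

```python
import re
from datetime import date, timedelta

# Conservative syntax check (an assumption of this example, not a full RFC 5322 parser).
ADDRESS_RE = re.compile(r"^[a-z0-9._%+-]+@[a-z0-9-]+(\.[a-z0-9-]+)+$")

def audit_list(subscribers, today, max_idle_days=180):
    """Return (keep, remove): addresses to keep mailing, and a dict of
    address -> reason for every record that should leave the file."""
    cutoff = today - timedelta(days=max_idle_days)
    keep, remove = [], {}
    for sub in subscribers:
        addr = sub["email"].strip().lower()
        if addr in keep or addr in remove:
            continue  # duplicate record: the first occurrence decides
        opt_in = sub.get("opt_in_date")
        if not ADDRESS_RE.match(addr):
            remove[addr] = "invalid address"
        elif opt_in is None:
            # No permission on record: purchased, harvested or guessed
            # addresses land here, and so does any honeypot.
            remove[addr] = "no opt-in on record"
        elif max(opt_in, sub.get("last_response") or opt_in) < cutoff:
            # A trap address never opens or clicks, so it ages out here too.
            remove[addr] = "non-responder"
        else:
            keep.append(addr)
    return keep, remove

# Constructed sample file; every address and date is made up.
SAMPLE = [
    {"email": "Ana@example.com", "opt_in_date": date(2012, 1, 10), "last_response": date(2012, 6, 30)},
    {"email": "bob@example.org", "opt_in_date": date(2010, 3, 2), "last_response": date(2010, 5, 1)},
    {"email": "info@example.net", "opt_in_date": None, "last_response": None},
    {"email": "carol@@example.com", "opt_in_date": date(2012, 5, 5), "last_response": None},
    {"email": "dave@example.com", "opt_in_date": date(2012, 6, 1), "last_response": None},
    {"email": "ana@example.com", "opt_in_date": None, "last_response": None},
]

if __name__ == "__main__":
    keep, remove = audit_list(SAMPLE, today=date(2012, 7, 18))
    print("keep:", keep)
    for addr, reason in remove.items():
        print("remove:", addr, "->", reason)
```

A recent opt-in counts as activity, so a new subscriber who has not yet responded is kept until the idle window runs out.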