Friday, January 09, 2015

How do I identify Hotmail spamtraps

Spamtraps are annoying.
Since spamtraps are used as a parameter for measuring sending reputation, the owners of these spamtraps will never be interested in our newsletters.
In other words, we can't make any revenue by writing to a spamtrap.
Even worse, by hitting spamtraps we are likely to get blocked on a sending IP/domain basis.
Once an IP has been blocked, other mails cannot be delivered either, which affects the total sending.
That means we lose money, instead of earning 40 dollars by spending one single dollar on email marketing.

Spamtraps are also tricky.
We can hardly identify a spamtrap.
The biggest ISPs, like Gmail, Outlook/Hotmail, Yahoo, etc., normally use inactive addresses as spamtraps, i.e. addresses with no login for 6 or more months.
Anti-spam organisations, like Spamhaus, Barracuda, etc., have their own addresses to catch spammers.
None of them will tell us which addresses are spamtraps.

Outlook provides SNDS (Smart Network Data Services) reports for big senders. We can find lots of useful information on a per-IP basis, for example about spamtrap hits.

We can look up the number of spamtrap hits and the period in which they were hit, split by 24 hours. The period is accurate to the minute at which the mail was delivered into the mailbox of an Outlook spamtrap.
If there is only one spamtrap over a certain IP, we will see a period X:

1/9/2015 5:18 AM - 1/9/2015 5:18 AM

The beginning and the end of this period are the same, so it is the exact time when a spamtrap was written to.
We don't even need to convert the time zone.

If there are two spamtraps over a certain IP, we will see a period Y:

1/8/2015 4:55 PM - 1/8/2015 10:22 PM

The beginning of this period represents the time when spamtrap A was written to, and the end of this period represents the time when spamtrap B was written to.

If there are more than 2 spamtraps over a certain IP, we can at least try to identify 2 of them.

Here I say "try" because there is no 100% guarantee of finding them.

First, we need the data logs, which record the timestamps at which mails went outbound from our SMTP server, and to whom.
Second, the sending volume per minute cannot be too big. If the sending speed is so high that there are 100 records within this minute, we should rather give up.
Third, we have to assume that the mails were delivered without interruption. In other words, we suppose that the time we read from SNDS is approximately the outbound time, or only a couple of minutes after.

All of the above was background; now I am going to tell you what I do to identify the spamtraps at Outlook.

There is no best way to optimize the opt-in process.
Even if the content is so fascinating that everyone would like to subscribe to the newsletter, typos happen. The results are non-existing addresses related to bad domains, or spamtraps.

We, unusually, separate the welcome email and the confirmation email.
These two kinds of mails have different content and are triggered and sent out over two different IPs, A and B, as transactional emails to a subscriber after he has signed up with his email address.

IP A is used only for welcome emails and IP B only for confirmation emails.

If an Outlook spamtrap is hit, it must be caught twice, once over IP A and once over IP B.

The real work starts! The process below is for hitting 1 spamtrap. For hitting more spamtraps, we simply need to repeat the process.

  1. Search in logs for IP A.
  2. Gather all Outlook addresses whose outbound time falls between the interval reported by SNDS and a couple of minutes before. For instance, for the period X above, I'd harvest the addresses with outbound time between 1/9/2015 5:15 AM and 1/9/2015 5:18 AM.
  3. Search for the addresses one by one in the same logs to check whether each appears only once for IP A.
  4. Search for the same address for IP B to check whether it appears only once with an outbound time between the interval defined by SNDS and a couple of minutes before.
  5. If one and only one address fits both time stamps for IP A and IP B, then this address should be the spamtrap we are looking for.

The procedure can be automated.
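The five steps above as a script, added here as an example and not the author's own tooling. The log layout (outbound time, sending IP, recipient), the Outlook domain list, the 3-minute slack, the give-up limit parameter and the two IPs are assumptions, and the log entries are constructed.

```python
from collections import Counter
from datetime import datetime, timedelta

FMT = "%m/%d/%Y %I:%M %p"  # timestamp style of the SNDS periods quoted above
OUTLOOK = {"hotmail.com", "outlook.com", "live.com"}  # assumed domain list

def ts(text):
    return datetime.strptime(text.strip(), FMT)

def candidates(log, ip, hit, slack, limit):
    """Steps 1-3 (and 4 for IP B): Outlook recipients mailed exactly once
    over `ip` whose outbound time lies in [hit - slack, hit]."""
    sent = Counter(rcpt for _, src, rcpt in log if src == ip)
    window = [rcpt for when, src, rcpt in log
              if src == ip and hit - slack <= when <= hit
              and rcpt.rsplit("@", 1)[-1].lower() in OUTLOOK]
    if len(window) >= limit:      # too much volume in the window: give up
        return None
    return {r for r in window if sent[r] == 1}

def find_trap(log, ip_a, hit_a, ip_b, hit_b, slack_min=3, limit=100):
    """Step 5: return the single address matching both hits, else None."""
    slack = timedelta(minutes=slack_min)
    a = candidates(log, ip_a, ts(hit_a), slack, limit)
    b = candidates(log, ip_b, ts(hit_b), slack, limit)
    if a is None or b is None:
        return None
    both = a & b
    return next(iter(both)) if len(both) == 1 else None

# Constructed sample log: (outbound time, sending IP, recipient).
IP_A, IP_B = "192.0.2.10", "192.0.2.20"   # documentation-range placeholders
LOG = [(ts(t), ip, rcpt) for t, ip, rcpt in [
    ("1/9/2015 5:10 AM", IP_A, "early@hotmail.com"),
    ("1/9/2015 5:16 AM", IP_A, "anna@hotmail.com"),
    ("1/9/2015 5:16 AM", IP_B, "anna@hotmail.com"),
    ("1/9/2015 5:17 AM", IP_A, "typo@hotmail.com"),
    ("1/9/2015 5:17 AM", IP_A, "bob@example.org"),    # not an Outlook domain
    ("1/9/2015 5:18 AM", IP_B, "typo@hotmail.com"),
    ("1/9/2015 5:18 AM", IP_A, "anna@hotmail.com"),   # seen twice on IP A
    ("1/9/2015 5:25 AM", IP_B, "late@hotmail.com"),
]]

if __name__ == "__main__":
    print(find_trap(LOG, IP_A, "1/9/2015 5:18 AM", IP_B, "1/9/2015 5:19 AM"))
```

A `None` result means the window was ambiguous or too busy, which matches the "no 100% guarantee" caveat above.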

It depends on the country, but mostly >20% of total sending volume consists of Outlook volume. Therefore, even though it's not that simple, it is still worth doing.

2 comments:

  1. Hello,

    Your article is very interesting,

    I am looking for a person who will clean up my spam trap database if you are interested

    Regards,

  2. I guess it's quite inconvenient for an email marketer to face this problem. Luckily, tools like correct.email have our backs. Check it out now and don't ever let your content go unnoticed again!
