BoostCE: October 2018

Friday, October 26, 2018

Friday, October 19, 2018

Thursday, October 18, 2018

What is an Email Honeypot?

According to Wikipedia, "Honeypots are a vital piece of computer security - designed to detect, deflect or in some manner, counteract attempts at unauthorized use of information systems."

Did you know there are Email Honeypots?

Email Honeypots are designed to find people who are using bad practices in their mailing.

At the heart of them, honeypots are spam traps. Your email will look like it's delivered, but the ESP at the other end is taking notice. (There's even a honeypot network to share information and more quickly identify people who are emailing honeypots.)

Quick reminder:
ISP = Internet Service Provider (recipient - Gmail, Yahoo, AOL, etc.)
ESP = Email Service Provider (sender - ExactTarget, MailChimp, etc.)

What Happens if I Get Caught Sending to Honeypots?

Mailing honeypots is bad news. Do it enough, or email enough honeypots and you may find your email dropped into the spam folder, silently discarded by the ISP or outright bounced/rejected.

How Do I Know if I Have Honeypots on My List?

That's the thing. You won't know. But, if you practice good list hygiene and good acquisition practices, you will greatly reduce the changes.

How Do Honeypots Get on My List?

One type of honeypot is the "lapsed address" - this was an address that actually belonged to someone. But, they've stopped signing in and the ISP now considers the address "abandoned." If the ESP sees that the email address gets a lot of email (signs that the address has been sold or stolen from other websites via hacking), it will reject all email to that address for a period of time, and then start accepting the mail again.

Another type is the "intentional honeypot" - this address was created for the sole purpose of being a honeypot. After it was created, it was placed on a website where it could be scraped or otherwise discovered. It may be intentionally submitted to list brokers.

The third is the "injected honeypot" - this is pretty rare. Hackers have intentionally inserted the honeypot email addresses into poorly guarded databases. Once an email goes out to that list, they have more information about who owns the database.

How Do I Avoid Honeypots?

Being a responsible emailer!

Don't Email Old Addresses - if you have an address on your list that you haven't emailed in 6-12 months after you acquired it, proceed with caution. Attempt to verify the email address using a third-party service. Keep in mind that they honeypots look like regular functioning email addresses, so this may not protect you. Don't collect email addresses unless you're going to use them, don't try to send to old addresses.

Remove Bounces - Most ESPs will automatically remove/suppress bounced addresses for you automatically. Make sure you understand the your ESP's policy regarding bounces and suppression, paying special attention to any places where you have the ability to override suppression rules.

Don't Buy Lists - These are notorious sources of spam traps, bad addresses, invalid domains, and so forth. The quality of these lists are horrible and despite any sales pitch, no one ever opted-in to receive any random email from anyone and everyone who wanted to buy their name. No one's giving that kind of permission, these addresses were probably scraped off a website or swiped from a poorly secured database.

Protect Your Databases - Don't leave unsecured lists anywhere, don't send unencrypted data in Excel for a text file. Just be smart. You don't want this stuff stolen or sold and you don't want extra surprises added to it either.

BoostCE

Friday, October 26, 2018

Recommended Reading - 10/26/2018

Friday, October 19, 2018

Recommended Reading - 10/19/2018

Thursday, October 18, 2018

What is an Email Honeypot?

Friday, October 12, 2018

Recommended Reading - 10/12/2018

Friday, October 5, 2018

Recommended Reading - 10/05/2018