Eighteen Years of Greytrapping – Is the Weirdness Finally Paying Off?
3 days ago
- #spamtraps
- #email_security
- #greytrapping
- Greytrapping spamtraps at nxdomain.no (bsdly.net) started as an experiment in 2007, evolving from a Debian to OpenBSD/FreeBSD setup with spamd for greylisting and spamtrapping.
- The number of spamtraps exceeded Norway's population on August 7, 2025, reaching 5,620,384 and growing over time, with data on additions and trapped hosts tracked since 2017.
- Greytrapping effectively reduces spam by using network-level tricks and SMTP protocol interpretations, making mail service management simpler and reducing server load.
- Over the years, spamtrap sources expanded from greylist extraction to include SSH, POP3 logs, and synthetic generation from spamd logs, with a surge in synthetic entries from late 2024.
- Data shows yearly and monthly trends in spamtrap additions, with notable peaks in 2019 and 2025, and a general decline in trapped hosts despite consistent delivery attempts.
- IPv6 support is a limitation as spamd is IPv4-only, hindering effectiveness against IPv6 traffic, though many spammers still use IPv4.
- The article targets those running or considering their own mail service, recommending Michael W. Lucas' book 'Run Your Own Mail Server' for guidance.
- Historical articles and field notes document various incidents, including interactions with major email providers and odd spam campaigns, highlighting ongoing challenges in email management.