Support article
What is a spamtrap and how to avoid an email suspension
We explain what a spamtrap is, why it can suspend your hosting email, and how to safely recover the service.
Introduction
A spamtrap is an email address used to detect spam sending, poorly managed contact lists, or emails sent without the recipient’s real permission.
At first glance it looks like a normal address, but it does not belong to anyone who requested to receive emails. That is why, when a hosting account sends messages to one of these addresses, antispam systems interpret it as a very clear signal of possible unauthorized sending.
At miHosting.com, if emails are sent to spamtraps from a hosting account, the email service can be automatically suspended. This measure protects the server’s reputation, prevents blocklist listings and stops other customers from being affected.
In this article we explain what a spamtrap is, why it happens, what the consequences are, and what the customer should do if their email service has been suspended for this reason.
What is a spamtrap
A spamtrap, also called a “spam trap”, is an email address created or reused to detect senders who send emails without consent, use purchased databases, keep outdated lists, or run insecure forms and systems.
These addresses do not usually give any warning, are not publicly identified, and normally cannot be distinguished from a real email address.
Their main purpose is to help email providers, antispam organizations and blocklists identify senders with poor sending practices.
Put simply:
If an address never asked to receive your emails and still receives messages from your hosting, antispam systems may consider that spam is being sent.
Why sending to a spamtrap is serious
Sending emails to spamtraps is not a minor mistake. For antispam systems it is evidence that something is wrong at the source of the sending.
It can indicate, for example:
- Use of purchased, rented or scraped contact lists.
- Sending to contacts who never gave permission.
- Old databases with no maintenance.
- Subscription forms with no verification.
- Addresses with typos.
- Compromised email accounts.
- Infected websites sending messages without authorization.
- Plugins, scripts or applications sending mail automatically.
For this reason, when spamtrap sending is detected from a hosting account, miHosting.com may automatically suspend the associated email service. The suspension is not applied as a punishment, but as a security measure to stop the sending and prevent further damage.
Types of spamtraps
Although customers usually cannot see or identify them directly, it is useful to know the most common types.
Pristine spamtraps
These are addresses created solely to detect spam. They never belonged to a real person and were never used to sign up for a legitimate newsletter or service.
If a list contains this type of address, it usually means the contacts were obtained without permission, purchased, scraped from websites, or imported from an unreliable source.
Recycled spamtraps
These are addresses that were real in the past, but were left abandoned for a long time. Later, the email provider can reuse them as traps to detect senders who do not clean their databases.
This case tends to appear when campaigns are sent to old lists, inactive contacts, or databases that have not been reviewed for months or years.
Typo spamtraps
These are addresses created from common typing mistakes, for example a misspelled domain.
This type of spamtrap can appear if a form allows registering any address without email confirmation. That is why it is recommended to use double confirmation, also known as double opt-in.
Why a spamtrap can end up on a contact list
A spamtrap can end up on a list for several reasons. The most common are:
-
A database was purchased or rented. Purchased lists usually contain addresses without consent, outdated contacts and spamtraps.
-
Emails were scraped from websites. Some spamtraps are hidden in website code to detect bots that collect addresses automatically.
-
Subscriptions were not confirmed. If someone types a fake or misspelled address, that address can end up in the database.
-
Inactive contacts were not removed. A valid address can turn into a spamtrap if it is left abandoned for a long time.
-
An account was compromised. If someone gets the password of an email account, they can use it to send unauthorized messages.
-
A website was infected. In WordPress, PrestaShop or other applications, a vulnerable plugin or an insecure form can generate spam sending from the hosting.
Consequences of sending emails to spamtraps
Sending to spamtraps can affect both the customer and the server from which the messages are sent.
The most common consequences are:
- Automatic suspension of email sending.
- Temporary block of an account, domain or email service.
- Rejections when sending messages to other providers.
- Increased bounces.
- Loss of reputation for the domain or the sending IP.
- Listing on blacklists or blocklists.
- Legitimate messages delivered to the spam folder.
- Impact on other users if it is a shared environment.
That is why it is important to act quickly and not keep sending emails from other mailboxes, forms or scripts without first resolving the cause.
What happens at miHosting.com when spamtrap sending is detected
When activity compatible with spamtrap sending is detected, the system may automatically suspend the email service to stop the source of the problem.
This can prevent new messages from being sent from the hosting until the cause is reviewed. In some cases, queued messages may also be held or deleted to prevent further problematic emails from going out.
The automatic suspension protects:
- The customer’s domain reputation.
- The server’s IP reputation.
- Legitimate email delivery.
- The stability of the service for other users.
- The security of the hosting account.
Important: creating new email accounts, changing the sender, or trying to resend the same campaign without cleaning the list can make the situation worse.
What to do if your email was suspended due to a spamtrap
If your email service has been suspended due to spamtrap sending, follow these steps before requesting a review.
1. Stop all sending
Do not continue sending newsletters, campaigns, promotions or mass messages from the hosting.
Also check whether any applications are sending emails automatically, for example:
- Contact forms.
- Online stores.
- Marketing plugins.
- Booking systems.
- CRMs.
- PHP scripts.
- Automatic notifications from WordPress or PrestaShop.
2. Identify the source of the sending
Review where the emails came from:
- Email account used as the sender.
- Application or website that generated the messages.
- Form used to capture contacts.
- Plugin or module that performed the sending.
- Approximate date and time of the sending.
- Recipient list used.
If you do not know where the sending came from, contact support with all the information available.
3. Review your contact list
Check the origin of every recipient. You should be able to answer these questions:
- Did each contact give clear permission to receive emails?
- When and how was that permission obtained?
- Was the list purchased, transferred, rented or downloaded?
- Are there old contacts who never interact?
- Are bounces and unsubscribes removed?
- Is there double confirmation on the forms?
If you cannot prove the legitimate origin of an address, remove it from the list.
4. Remove purchased or dubious lists
Do not use databases that were purchased, downloaded from the internet, exchanged with third parties, or inherited without verifiable consent.
Even if a list is advertised as “validated” or “opt-in”, that does not mean those people authorized your company or website to email them.
5. Clean your database
Before sending any communication again, remove:
- Bounced addresses.
- Contacts inactive for a long time.
- Users who never open or interact.
- Emails with typos.
- Suspicious generic addresses.
- Contacts with no signup date or origin.
- Unsubscribes and spam complaints.
It is also recommended to maintain a suppression list, that is, an internal list of addresses that should never be emailed again.
6. Review your account security
If you do not recognize the sending, it may be a compromised account or an infected website.
In that case:
- Change the password of the affected email account.
- Change the hosting panel password.
- Review FTP users, databases and administrative access.
- Update WordPress, PrestaShop, themes, plugins and modules.
- Remove plugins or themes you no longer use.
- Check for suspicious files on the website.
- Check whether any forms lack antispam protection.
- Enable CAPTCHA or equivalent measures on public forms.
If the website sends mail through SMTP, also review the credentials configured in plugins or applications.
7. Set up good authentication practices
SPF, DKIM and DMARC help email providers verify that the messages sent from your domain are legitimate.
These configurations do not authorize spam sending, nor do they fix a contaminated list on their own, but they do help protect the domain’s reputation when the sending is legitimate.
If you have doubts, you can ask support to review the domain’s DNS configuration.
8. Prepare the information for support
To request a review of the email service, provide as much information as possible:
- Affected account or domain.
- Approximate date of the sending.
- Origin of the contact list.
- Measures applied to clean the list.
- Confirmation that purchased or non-consented contacts were removed.
- Password changes made.
- Security actions applied to the website.
- Confirmation that mass sending will not resume until the cause is fixed.
The more information you provide, the easier it will be to review the case and prevent the problem from happening again.
What you should not do
To avoid making the situation worse, do not do the following:
- Do not resend the same campaign without cleaning the list.
- Do not just change the sender to keep sending.
- Do not create new accounts to bypass the suspension.
- Do not import the same database into another tool.
- Do not buy another list to replace the previous one.
- Do not ignore bounces, unsubscribes or complaints.
- Do not blame only the message content: the problem is usually in the list or the sending source.
How to prevent falling into spamtraps
The best way to avoid spamtraps is to maintain a responsible sending policy.
Main recommendations:
- Only use contacts who gave clear consent.
- Enable double opt-in on subscription forms.
- Do not buy, rent or exchange lists.
- Remove bounces and inactive addresses.
- Review your database periodically.
- Segment your sending and avoid campaigns to inactive contacts.
- Include a clear unsubscribe link in commercial communications.
- Protect forms with CAPTCHA or antispam systems.
- Keep your website and plugins updated.
- Review sending logs or reports if you notice unusual activity.
Hosting email is designed for legitimate communications from the website and the company. If you need to run email marketing campaigns to many recipients, make sure you use lists with verifiable consent and a tool suited to that type of sending.
Common questions
My list is old, but the contacts were real
Even if the contacts were real in the past, some addresses may have been left abandoned and turned into recycled spamtraps. That is why it is important to remove inactive contacts and not send campaigns to old databases without a prior review.
I did not buy any list, why did this happen?
It can happen due to forms without double confirmation, typos when entering addresses, contacts imported from old sources, a compromised account, or an infected website sending emails without authorization.
Can I find out which address was the spamtrap?
Normally not. Antispam organizations and email providers do not usually reveal spamtrap addresses, since they would stop being useful for detecting abuse.
The goal should not be to find “the trap address”, but to fix the underlying problem: contact origin, list hygiene, consent and system security.
Is it enough to delete one contact?
Not always. If a list contains a spamtrap, it may contain more problematic addresses. It is recommended to review the entire acquisition process, clean the database, and only send to recent, active contacts with confirmed permission.
Do SPF, DKIM and DMARC prevent spamtraps?
No. SPF, DKIM and DMARC help authenticate email, but they do not turn an unsolicited sending into a legitimate one. You can have correct authentication and still fall into spamtraps if the list is contaminated.
Why is the email suspended automatically?
Because sending to spamtraps is a high-risk signal. If the system does not stop the sending, the domain or the server’s IP could end up on blacklists, affecting the delivery of legitimate email.
The automatic suspension allows the problem to be cut off before it causes greater damage.
When can the service be reactivated?
The service can be reviewed once the cause of the sending has been identified and fixed. To do this, the customer must clean the list, remove non-consented contacts, review the account’s security, and provide the information requested by support.
Frequently asked questions
What is a spamtrap in email?
A spamtrap is an email address used to detect spam sending or poor email practices. It does not belong to a recipient who asked to receive messages.
Does sending to a spamtrap mean I sent spam?
It means that sending to an address that should not receive legitimate emails was detected. This can be due to intentional spam, purchased lists, old databases, capture errors, or even a compromised account.
Can I use my list again after a suspension?
Only after reviewing and cleaning it properly. You should not reuse a list if you cannot prove that the contacts gave consent to receive emails.
What should I do if I think my website was infected?
Update the application, review plugins and themes, change passwords, remove suspicious files, and contact support if you need help identifying the source of the sending.
Can I send newsletters from my hosting?
You can send legitimate, moderate communications, as long as the recipients gave permission and the list is well maintained. For large or frequent campaigns, it is best to use a dedicated email marketing tool and always follow good consent practices.
Conclusion
A spamtrap is an email trap designed to detect unauthorized sending or poorly managed lists. If messages are sent to these addresses from a hosting account, the email service can be automatically suspended because it is evidence of activity consistent with spam.
Recovering the service takes more than just requesting reactivation. It is necessary to stop the sending, identify the source, clean the database, remove non-consented contacts, and review the security of the account or the website.
If you need help, contact miHosting.com support with the affected domain, the origin of the sending, and the measures you have already applied. This will allow us to review the case faster and help you safely restore the service.