An effective spamtrap is not announced and is only found by dictionary attacks or by pulling addresses off hidden webpages.
For a spamtrap to remain effective the address must never be given to anyone.
Similarly, when forwarding messages to a number of recipients who don't know one another, recipient addresses can be put in the "bcc: field" so that each recipient does not get a list of the other recipients' email addresses.
Businesses and individuals sometimes avoid publicising an email address by asking for contact to come via a "contact form" on a webpage – which then typically forwards the information via email.
Such forms, however, are sometimes inconvenient to users, as they are not able to use their preferred email client, risk entering a faulty reply address, and are typically not notified about delivery problems.
Some black lists, such as spamcop, use spamtraps to catch spammers and blacklist them.
Enforcing technical requirements of the Simple Mail Transfer Protocol (SMTP) can be used to block mail coming from systems that are not compliant with the RFC standards.
These are known as "Dial Up Lists", from the time when end users whose computers were "zombieing" spam were connected to the internet with a modem and a phone line.
Spamtraps are often email addresses that were never valid or have been invalid for a long time that are used to collect spam.
Similarly, many spam messages contain web links or addresses which the user is directed to follow to be removed from the spammer's mailing list – and these should be treated as dangerous.
In any case, sender addresses are often forged in spam messages, so that responding to spam may result in failed deliveries – or may reach completely innocent third parties.
Trying to balance false negatives (missed spams) vs false positives (rejecting good email) is critical for a successful anti-spam system.