Koli-Loks Spamtrap Intelligence Service

  • Home
  • Koli-Loks Spamtrap Intelligence Service

Koli-Loks Spamtrap Intelligence Service

Koli-Loks is a trusted cyber-security research organization, with over 25 years of experience tracking abuse in email and on other messaging platforms. The Spamtrap Intelligence Service (SIS) provides detailed information on individual spamtrap hits  and valuable insight into spam flows from specific IP addresses or users on your network. 

Spam Intelligence Service (SIS):

  • Provides continuous, detailed feedback on spam seen coming from your network(s)
  • Covers specific IP ranges, domains, and other bits of information that identify both the senders of spam emails, and the companies or websites advertised in spam emails
  • Helps identify the exact source and origin of spam and abuse
  • Delivered daily as individual hit alerts or CSV format file for further analysis
  • Especially useful for Email Service Providers (ESPs) to find detailed information on the source or senders that are causing you pain or hurting your reputation

Spam Intelligence Service by Koli-Loks

This information was originally designed to allow Email Service Providers (ESPs) to monitor the email streams sent by their customers, providing detailed information on who is causing your pain. The same information can help ISPs identify customers who spam, and customers whose servers or networks are compromised and provide a channel for criminal spam and abuse.

The SIS FBL consists of one record per spamtrap hit that matches your criteria. That record is saved in a CSV-format file that is posted daily, allowing you to download and import the CSV file into a database or spreadsheet. If the spamtrap hit is one that you want to know about immediately, the SIS FBL record can also be sent to you in near-real-time as an email alert.

Each SIS FBL record contains the following information:

  • Timestamp: Date and hour that the email was received.
  • Connecting IP: IP address that sent the email to our MX server.
  • HELO: HELO string issued by the server that sent the email to our MX server.
  • From email address: Email address from the From header.
  • Subject: Contents of the Subject header.
  • URI host: Hostname from the email URI, if any.
  • Drop Box Email Address. Any email address in the Reply-to header or message body.

These fields are unmodified except where a tag or identification string appears to exist to identify the email recipient. In that case, the information in the field might be modified to remove the identification string.

This data provides excellent visibility into which emails are hitting spam-traps. This information is highly effective in helping email senders identify the exact sources of spam and abuse coming from their networks. It is equally effective in helping web hosts identify the customers who are advertising their sites using spam sent from another location.

Start your free trial.

Design the best set of data feeds to meet your needs!


Experience improved cybersecurity and stop phishing emails, ransomware, malware, and other cyber threats. Sign up for your free consultation and receive an in-depth technical deep dive and a 30-day free trial.