What is BoxTrapper?

The BoxTrapper filter works through “challenge-response” verification. When an email is sent to an account that has BoxTrapper enabled, BoxTrapper automatically sends a verification email in response. This verification email requires the original sender to reply or click a link. After the sender does this, BoxTrapper delivers the original message to the intended recipient’s IN box. The goal in enabling BoxTrapper is to block email senders who do not reply to the verification email or click the verification link.

The BoxTrapper filter comes with a general advisory that it tends to generate a huge amount of email back-scatter and should be used only on rare occasions when there is an emergency, such as to divert a mail-bombing or joe-job attack.

Many of our members simply use the "-s- LIKELY SPAM" subject line anti-spam tag, which is inserted by the LinkSky Mailscanner system, to clear about 99% of spam from their IN box. There's a ton of intelligence working behind the scenes to determine what is spam and what is not. You may find that using the "-s- LIKELY SPAM" tag is more reliable and less problematic for everyday use (especially for your regular correspondents).


Keep in mind that a spam message never contains the email address of the spammer. The FROM address is often faked, or worse yet, comes from hacked Outlook address books or spam-bot scraped websites. Or far worse, these spam message come from spam-bot scraped honeypot sites. Here's what can happen:

1 -- The Boxtrapper user receives a message from a spammer (using a compromised or faked email address).

2 -- Boxtrapper responds with an auto-response message to the sender asking them to reply to be "whitelisted."

3 -- An innocent individual receives the Boxtrapper response out-of-the blue. Remember, they never sent the spam message in the first place. The spammer "volunteered" their email address.

4 -- That individual reports the sending server to SpamCop (or another reporting service) for sending unsolicited email.


Part 1) Anti-spam organizations maintain lists of multiple anti-spambot honeypot sites such as APEWS (formerly SPEWS). These services are used by most mail servers to protect their customers from spam.

The problem arises when the server where BoxTrapper is installed gets listed as the place where the spam originated, even though this is not true. A poorly configured APEWS system will designate the server that sent the BoxTrapper auto-response message as the source of the spam, rather than the the address that sent the original message that generated the BoxTrapper autoresponse. The result is that the entire server and the sender's domain get blacklisted.

Next, the original Boxtrapper user, and possibly the entire server where the user's account is hosted, discovers that all of their sent email bounces back from Comcast, Yahoo, MSN, AOL, etc., with the note that their IP address has been blacklisted. When you are blacklisted, it means that email sent from your address will not be accepted. This can take hours, days, and even weeks to resolve.

OUR BEST ADVICE: Reserve Boxtrapper for rare occasions where it is really needed to prevent a sudden massive spike in spam, otherwise, stick to the very accurate LinkSky based MailScanner system.


Should you choose to proceed, BoxTrapper settings are in the Mail section of your cPanel. Click on the BoxTrapper icon.


BoxTrapper is enabled on a "per mailbox" basis. Click Manage next to the mailbox that you want to set up.



On the next page you can Enable BoxTrapper and Configure the settings.



As always, contact us if you have questions about BoxTrapper or any other LinkSky service.



Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk