Directory Harvest Protection

What is a directory harvest attack?

A Directory Harvest Attack or DHA is a technique used by spammers in an attempt to find valid/existent e-mail addresses at a domain by using brute force. The attack is usually carried out by way of a standard dictionary attack, where valid e-mail addresses are found by brute force guessing valid e-mail addresses at a domain using different permutations of common usernames. These attacks are more effective for finding e-mail addresses of companies since they are likely to have a standard format for official e-mail aliases (i.e. jdoe@example.domain, johnd@example.domain, or johndoe@example.domain).

In a DHA, an attacker unleashes a program that guesses at possible e-mail addresses within a domain and attempts to send messages to those addresses. The server rejects requests intended for addresses that don't exist. By the process of elimination, the addresses it doesn't reject are deemed valid, and the program can add them to a spammer's databases.

The result isn't just more spam (as if that weren't bad enough). An aggressive DHA can place such intense demands on a server that it mimics a denial-of-service attack and slows legitimate e-mail delivery.

Defend against spammers who attempt to deliver messages to a large number of valid and invalid email addresses at your domain. NoSpam Mail Protection blocks all email address not configured in the system before the mail reaches the mail server or network.

 

Source:
Wikipedia
(http://en.wikipedia.org/wiki/Directory_Harvest_Attack

PC Magazine "Understanding Directory Harvest Attacks" By: John Clyman
(http://www.pcmag.com/article2/0,2817,1543581,00.asp)