Canning spam, Question No. 2 |
 |
| 21 Apr 2005 | SearchSecurity.com |
|
|
2.) To avoid directory harvest attacks (DHAs), one -- albeit misguided -- school of thought is to accept all e-mail, whether or not the recipient is valid. How does this decrease the chances of a successful DHA?
Answer from Oops! Exposing the biggest blunders for fighting spam and viruses:
The second reason why you might accept e-mail that your MTAs can't deliver is in a misguided attempt to deal with directory harvest attacks (DHAs). The theory behind a DHA is that the spammer tries every possible e-mail address, starting with a@yourco.com and ending with zzzzzzzzzz@yourco.com, in the hopes of identifying those that are legitimate. If you only accept mail for existing users, then you expose your e-mail directory to the spammer. They find out who can receive mail and, it is presumed, can more efficiently send you junk mail. To avoid the dreaded DHA, one school of thought is to simply accept all mail, whether or not the recipient is valid. This doesn't give the spammer any information, although it does tie up your MTA while it accepts mail for nonexistent users. (Read the rest of this article)
<< Back to quiz
|
|
|
|
