Directory harvest attack
A Directory Harvest Attack or DHA is a technique used by spammers in an attempt to find e-mail addresses. It is usually carried out by generating a flood of messages to multiple addresses at a mail server that is known to be valid. Most often, these attacks are targeted at corporations since they are likely to have a standard format for official e-mail aliases (i.e. jdoe(at) company.com, johnd(at)company.com, or johndoe(at)company.com).
There are two main techniques for generating the addresses that a DHA will target. In the first, the spammer creates a list of all possible combinations of letters and numbers up to a maximum length (15, for example) and then appends the domain name. The other, more targeted, technique is to create a list that combines first initials or common first names with common surnames (as in the example above). The success of a directory harvest attack depends on the mail server sending "bounce-backs" or automated replies to the sender for non-existent aliases. Any addresses that do not respond with a bounce-back are considered to be valid and are added to the spammers list (which are commonly sold between spammers).
References
- Definition on Postini.com -- a major e-mail services provider.
- Definition on TechEncylopedia