Jump to content

Directory harvest attack

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by CmdrObot (talk | contribs) at 20:55, 21 June 2006 (sp: existant→existent). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A Directory Harvest Attack or DHA is a technique used by spammers in an attempt to find e-mail addresses. It is usually carried out by generating a flood of messages to multiple addresses at a mail server that is known to be valid. Most often, these attacks are targeted at corporations since they are likely to have a standard format for official e-mail aliases (i.e. jdoe(at) company.com, johnd(at)company.com, or johndoe(at)company.com).

There are two main techniques for generating the addresses that a DHA will target. In the first, the spammer creates a list of all possible combinations of letters and numbers up to a maximum length (15, for example) and then appends the domain name. The other, more targeted, technique is to create a list that combines first initials or common first names with common surnames (as in the example above). The success of a directory harvest attack depends on the mail server sending "bounce-backs" or automated replies to the sender for non-existent aliases. Any addresses that do not respond with a bounce-back are considered to be valid and are added to the spammers list (which are commonly sold between spammers).

References

Retrieved from "https://en.wikipedia.org/w/index.php?title=Directory_harvest_attack&oldid=59878387"