
As I mentioned in my previous blog post, I would discuss other harvesting techniques used by spammers. One popular technique is the Directory Harvesting Attack, or DHA. So what is DHA?
Wikipedia: A Directory Harvest Attack or DHA is a technique used by spammers in an attempt to find valid/existent e-mail addresses at a domain by using brute force. The attack is usually carried out by way of a standard dictionary attack, where valid e-mail addresses are found by brute force guessing valid e-mail addresses at a domain using different permutations of common usernames. These attacks are more effective for finding e-mail addresses of companies since they are likely to have a standard format for official e-mail aliases (i.e. jdoe@example.domain, johnd@example.domain, or johndoe@example.domain).
So how do you protect your mail server against Directory Harvesting Attacks? The solution is to verify each recipient address, using an LDAP lookup, a Microsoft Active Directory lookup in an Exchange environment, or an SMTP verify transaction. An SMTP verify has two steps: first a greeting for the x@yourdomainname.com email address, then the actual message data for that address. Once the greeting is received, your anti-spam software or appliance checks whether x@yourdomainname is a valid email username in the system. If it is valid, the message is accepted and processed; if not, the message for the invalid recipient is dropped. With this feature you save a lot of bandwidth and storage if you quarantine spam.

Most anti-spam software products have an option to block IP addresses that generate multiple recipient failures, and you can defer receiving email from that single IP for x number of hours. This slows down the attack and gives your server some breathing time to update its DNS blacklist.

As I don't have room here to discuss how to configure and set Directory Harvesting properties in your appliance or software, I advise you to check your vendor's support site or manual. This blog's sponsor, GFI, has a product called "Mail essentials" which does this job for you. When you find time, please visit their site and support manual here to see how easy it is to configure the settings in GFI for a Microsoft Exchange environment.

If you've got ideas, suggestions, questions or other ways to control spam, please let me know by leaving a comment here.
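The recipient-failure blocking described above can be sketched as log analysis. This is an added example, not code from GFI or any anti-spam product; the log format, the `find_harvesters` name, and the thresholds are assumptions chosen for illustration, and the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format): time, client IP, recipient, SMTP reply code.
SAMPLE_LOG = """\
2024-01-01T10:00:00 client=203.0.113.9 rcpt=jdoe@example.domain code=550
2024-01-01T10:00:00 client=192.0.2.44 rcpt=bob1@example.domain code=550
2024-01-01T10:00:05 client=203.0.113.9 rcpt=johnd@example.domain code=550
2024-01-01T10:00:09 client=203.0.113.9 rcpt=johndoe@example.domain code=550
2024-01-01T10:00:12 client=203.0.113.9 rcpt=jsmith@example.domain code=550
2024-01-01T10:01:00 client=198.51.100.7 rcpt=alice@example.domain code=250
2024-01-01T10:02:00 client=198.51.100.7 rcpt=alcie@example.domain code=550
2024-01-01T10:10:00 client=192.0.2.44 rcpt=bob2@example.domain code=550
2024-01-01T10:20:00 client=192.0.2.44 rcpt=bob3@example.domain code=550
"""

LINE_RE = re.compile(r"^(\S+) client=(\S+) rcpt=(\S+) code=(\d{3})$")


def find_harvesters(log_text, max_failures=3,
                    window=timedelta(minutes=5),
                    defer_for=timedelta(hours=2)):
    """Return {client_ip: defer_until} for clients that hit max_failures
    invalid-recipient rejections (reply code 550) inside a sliding window."""
    recent = defaultdict(deque)   # per-IP timestamps of recent failures
    deferred = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # ignore lines in any other format
        ts = datetime.fromisoformat(m.group(1))
        ip, code = m.group(2), m.group(4)
        if code != "550":
            continue              # only rejected recipients count
        q = recent[ip]
        q.append(ts)
        # Drop failures older than the window, so a sender with the
        # occasional typo never accumulates enough to be deferred.
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= max_failures:
            # Keep the first trigger time; defer mail from this IP until then.
            deferred.setdefault(ip, ts + defer_for)
    return deferred


if __name__ == "__main__":
    for ip, until in find_harvesters(SAMPLE_LOG).items():
        print(f"defer {ip} until {until.isoformat()}")
```

In the sample, only the client that guesses several username permutations within seconds is deferred; the sender with a single mistyped address and the client whose failures are spread ten minutes apart are left alone.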
Mr Wong






