A directory harvest attack (DHA) is a technique used by spammers in an attempt to find valid/existent e-mail addresses at a domain by using brute force. The attack is usually carried out by way of a standard dictionary attack, where valid e-mail addresses are found by brute force guessing valid e-mail addresses at a domain using different permutations of common usernames. These attacks are more effective for finding e-mail addresses of companies since they are likely to have a standard format for official e-mail aliases (i.e. , , or ).

There are two main techniques for generating the addresses that a DHA targets. In the first, the spammer creates a list of all possible combinations of letters and numbers up to a maximum length and then appends the domain name. This would be described as a standard brute force attack. This technique would be impractical for usernames longer than 5-7 characters. For example, one would have to try 36^8 (nearly 3 trillion) e-mail addresses to exhaust all 8-character sequences.

The other, more targeted technique, is to create a list that combines common first name and surnames and initials (as in the example above). This would be considered a standard dictionary attack when guessing usernames for e-mail addresses. The success of a directory harvest attack relies on the recipient e-mail server rejecting e-mail sent to invalid recipient e-mail addresses during the Simple Mail Transfer Protocol (SMTP) session. Any addresses to which email is accepted are considered valid and are added to the spammer's list (which is commonly sold between spammers). Although the attack could also rely on Delivery Status Notifications (DSNs) to be sent to the sender address to notify of delivery failures, directory harvest attacks likely don't use a valid sender e-mail address.

The actual e-mail message generated to the recipient addresses will usually be a short random phrase such as "hello", so as not to trigger a spam filter. The actual content that is to be advertised will be sent in a later campaign to just the valid email addresses.

One theory is that spammers also use DHAs to disseminate spam, and not just to collect email addresses for a later spam campaign. Using the method in this way, similar to a paper-based leaflet drop, the sender achieves the goal based on sheer volume, and not on accuracy of delivery. Using this method, the message would likely contain the content that the spammer is advertising, and not a short random phrase.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.