What is a Directory Harvest Attack?
Article ID: 177348
Updated On:
Products
Mail Security for Domino
Mail Security for Microsoft Exchange
Issue/Introduction
What is a Directory Harvest Attack?
Resolution
E-mail messages recieved by end users with little or no content in the message header and body often constitute a directory harvest attack (DHA) or chaff.
DHAs are used by spammers to determine valid/invalid email addresses by trial and error.
A spammer will typically target a specific domain, sending a blank body/subject line attack to a series of common names, abbreviations, numbers that would be commonly associated with vaild email addresses from those domains.
Any messages that are not rejected during the SMTP conversation nor bounced after receipt are considered valid addresses by the spammers, and can be used in a future spam campaigns as well as sold to other spammers and 3rd parties for other uses.
Example DHA e-mail message:
References
Symantec Security Response Web Site
DHAs are used by spammers to determine valid/invalid email addresses by trial and error.
A spammer will typically target a specific domain, sending a blank body/subject line attack to a series of common names, abbreviations, numbers that would be commonly associated with vaild email addresses from those domains.
Any messages that are not rejected during the SMTP conversation nor bounced after receipt are considered valid addresses by the spammers, and can be used in a future spam campaigns as well as sold to other spammers and 3rd parties for other uses.
Example DHA e-mail message:
References
Symantec Security Response Web Site
Feedback
Yes
No
Powered by
