What is a Directory Harvest Attack?
search cancel

What is a Directory Harvest Attack?


Article ID: 177348


Updated On:


Mail Security for Domino Mail Security for Microsoft Exchange


What is a Directory Harvest Attack?


E-mail messages recieved by end users with little or no content in the message header and body often constitute a directory harvest attack (DHA) or chaff.

DHAs are used by spammers to determine valid/invalid email addresses by trial and error.

A spammer will typically target a specific domain, sending a blank body/subject line attack to a series of common names, abbreviations, numbers that would be commonly associated with vaild email addresses from those domains.

Any messages that are not rejected during the SMTP conversation nor bounced after receipt are considered valid addresses by the spammers, and can be used in a future spam campaigns as well as sold to other spammers and 3rd parties for other uses.

Example DHA e-mail message:

Symantec Security Response Web Site