Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Spammer Directory Harvest Attacks Hammer Enterprises: Page 2 of 4

Each of those attacks, said Smith, averaged 234 invalid address lookups, creating an average of over 35,000 invalid lookups per day per company. The time spent dealing with a DHA chews up mail server processor time, packs deferral queues on those servers, and in some cases, can crash the server.

"That's a lot of useless work done by the server," said Smith. "Think of a single invalid lookup as a mosquito bite. One is no big deal, but say 40,000 and its death by mosquito bite."

In December 2004, Postini monitored its largest-ever DHA, one against a major North American retailer that peaked at more than 60,000 invalid address lookups every minute.

"If they hadn't been protected by Postini," Smith claimed, "a DHA of that magnitude would certainly have crippled their mail infrastructure."

Postini noted that the number of DHAs against its customers tripled in 2004 compared to the previous year, and that it often saw circumstantial evidence that spammers are tightly linking harvesting attacks and spam campaigns. "We've seen cases when a harvest happens and then a spam attack immediately follows," said Smith. In several cases it was clear that the one-two punch was automated, rather than being coordinated by a human spammer.