We are seeing the issue reappear again.
Logs from our gateway (times are GMT -05:00):
Fri Feb 7 05:34:26 2014 Info: New SMTP ICID 448505658 interface Data 1 (172.18.254.20) address 216.82.251.11 reverse dns host mail1.bemta12.messagelabs.com verified yes
Fri Feb 7 05:34:26 2014 Info: ICID 448505658 ACCEPT SG UNKNOWNLIST match sbrs[-1.0:10.0] SBRS 5.5
Fri Feb 7 05:34:26 2014 Info: Start MID 114112239 ICID 448505658
Fri Feb 7 05:34:26 2014 Info: MID 114112239 ICID 448505658 From: <
BudgetConfirmations@budgetgroup.com>
Fri Feb 7 05:34:26 2014 Info: MID 114112239 ICID 448505658 To: <
BudMsite017@mt.com> Rejected by LDAPACCEPT
Fri Feb 7 05:34:31 2014 Info: Message aborted MID 114112239 Receiving aborted by sender
Fri Feb 7 05:34:31 2014 Info: Message finished MID 114112239 aborted
Fri Feb 7 05:34:31 2014 Info: ICID 448505658 close
Fri Feb 7 05:37:13 2014 Warning: Dropping connection due to potential Directory Harvest Attack from host=('216.82.251.4', 'mail1.bemta12.messagelabs.com'), dhap_limit=25, sender_group=UNKNOWNLIST, listener=IncomingMail, reverse_dns=216.82.251.4, ICID 448507806
Fri Feb 7 05:37:18 2014 Warning: Dropping connection due to potential Directory Harvest Attack from host=('216.82.251.8', 'mail1.bemta12.messagelabs.com'), dhap_limit=25, sender_group=UNKNOWNLIST, listener=IncomingMail, reverse_dns=216.82.251.8, ICID 448507895
Fri Feb 7 05:37:33 2014 Warning: Dropping connection due to potential Directory Harvest Attack from host=('216.82.251.17', 'mail1.bemta12.messagelabs.com'), dhap_limit=25, sender_group=UNKNOWNLIST, listener=IncomingMail, reverse_dns=216.82.251.17, ICID 448508100
Please inform your client that sending SPAM is not really nice. And that it causes anti-spam solutions to block the complete Messagelabs platform.