Directory Harvest Attacks
Created: 05 Nov 2007 • Updated: 22 May 2010 | 2 comments
We're new to SMS 5 and its control techniques so please pardon this perhaps obvious question:
When I first installed SMS 5.0.1 last week I was astounded to discover that >93% of my inbound mail was considered SPAM.
I turned on a feature called Directory Harvest Attacks and set the action to be defer connection. This morning I see that since doing this my SPAM has dropped to ~25% and the 'Attack' column [in the message overview report] has risen to the 70/80/90 + % zone. I presume that this means that 25% or so of my mail is tagged as SPAM and 70+% of it is tagged as originating from a DHA? Can anyone offer some insight into what I'm seeing? The affects of turning on the DHA/defer connection was immediate and pretty eye opening.