> On Mar 2, 2018, at 12:45 PM, John Johnstone 
> <jjohnstone-mai...@tridentusa.com> wrote:
> The list washers / validators must be doing a brisk business today. Many use 
> Amazon hosting in what seems to be an attempt to evade blocking by IP.  Aside 
> from the simple attempts I see some that are trying things like:
> j...@domain.tld
> john....@domain.tld
> jon....@domain.tld
> john-...@domain.tld
> jonathon...@domain.tld
> j...@domain.tld
> and things even more obscure like
> j...@domain.tld
> j...@domain.tld
> with up to 50 various permutations / combinations.
> It seems somebody gave some fairly purposeful thought into coming up with the 
> algorithms to generate these.  I'm curious to know what peoples thinking is 
> as to the hat color of these attempts.  Particularly if there are any 
> opinions on the risk / need to block them.

They are all trying to extract email addresses from your network without 
permission, so
that they can sell that data to their customers to send unwanted email to your 
without permission. It's guessing or "e-pending", not validation.

There *are* valid times to *validate* an email address in that manner, but 
they're rare and
they'll only be validating a single user at a time, not trying to dictionary 
attack your server
or play guessing games to try and find an email address for someone they don't 
have an
email address for.

Blocking them will reduce the amount of unwanted, non-permissioned email your 
receive. That's worth doing if you can do so without too much effort. (Whether 
blocking all of ec2 is a good idea is a separate conversation).

Accepting and discarding them, or rejecting them or discarding them randomly in
order to corrupt their data and damage their business model is a fun 
conversation to
have, but not really an operational discussion.


mailop mailing list

Reply via email to