On 06/14/16 09:59, Kris Deugau wrote: > James B. Byrne wrote: >> 3. If there is nothing that involves Postfix then something like what >> you propose must be the case. Or someone has gone to some lengths to >> scan for these addresses using our domain name as a search term. > > Every now and then I have seen indications in the mail logs of various > systems that some spammer is once again taking all of the username parts > they've ever seen and mix-and-matching them with domain names. > > I have also seen, even less often, the next best thing to literally > trying all possible ASCII usernames, in order - or at least trying all > dictionary words from a modest dictionary mixed with that username list, > in ASCII order.
Dictionary attacks are cheap when you have a botnet and it's not *your* CPU cycles or bandwidth that you're burning. -- Phil Stracchino Babylon Communications [email protected] [email protected] Landline: 603.293.8485
