Directory Harvest Attacks(DHA):
--> A Directory Harvest Attack or DHA is a technique used by spammers to find valid/existent email addresses of a domain either by using Brute force or by guessing valid e-mail addresses at a domain using different permutations of common username
--> DHA is a common method used by spammers. It utilizes recipient verification in an attempt to determine an email server’s valid email addresses so that they can be added to a spam database
--> If Recipient Address Verification is enabled, each recipient address will be verified with the protected email server. For email destined for invalid recipient addresses, the FortiMail unit will return User Unknown messages to the SMTP client. However, spammers will utilize this response to guess and learn valid recipient addresses.
--> Spammers can threaten your network with junk mail if they get a list of all users in an organization's directory or can guess email addresses from your organization
--> Directory Harvest Attacks(DHA) Protection Feature of Email Gateway can help to protect organizations vulnerable to increased attacks on their email and other data systems
--> To prevent this, enable Enable sender reputation in session profiles (located in Profile > Session > Session). Sender reputation weighs each SMTP client’s IP address and assigns them a score. If the SMTP client sends several email messages to unknown recipients, the sender’s reputation score is increased significantly. When the sender reputation score exceeds the threshold, the SMTP client’s SMTP sessions are terminated at connection level.
0 comments:
Post a Comment