Directory Harvest Attack
A directory harvest attack or DHA is a spamming technique used to find and collect valid e-mail addresses. These addresses are later inundated with unwanted messages, usually advertisements (spam).
How does a DHA work?
Generally, a DHA is attempted as a brute force attack on a specific or multiple domains. This attack involves guessing combinations of common usernames and sending automated e-mails addressed to them. It then determines which ones are valid based on the type of response received by the e-mail server.
For instance, let's say individual attempting a DHA sent an e-mail to [email protected], [email protected], and [email protected] If the server then replied "invalid address" for the first two but not the third, the attacker would add [email protected] to its list of potentially valid e-mail addresses.