DHA (Directory Harvest Attack)

A Directory Harvest Attack or DHA is a technique used by spammers in an attempt to find valid/existent e-mail addresses at a domain by using brute force. The attack is usually carried out by way of a standard dictionary attack, where valid e-mail addresses are found by brute force guessing valid e-mail addresses at a domain using different permutations of common usernames. These attacks are more effective for finding e-mail addresses of companies since they are likely to have a standard format for official e-mail aliases (i.e. jdoe@example.domain, johnd@example.domain, or johndoe@example.domain).

There are two main techniques for generating the addresses that a DHA will target. In the first, the spammer creates a list of all possible combinations of letters and numbers up to a maximum length (15, for example) and then appends the domain name. This would be described as a standard brute force attack.