A Directory Harvest Attack (DHA), is when the spammer sends spam to every conceivable name at your domain. You can prevent these attacks by rejecting email sent to a non-existent user.

Tarpitting discourages Directory Harvest Attacks without permanently blocking an offending IP address by slowing down incoming email from that address. Our mail server waits two seconds before responding to an invalid recipient command.

If we receive "x" number of connections from a given IP address in a single day, we defer future connections from that IP address for "x" number of hours.

Bounce Address Tag Validation (BATV) reduces the number of unauthorized NDRs (Non-Delivery Reports) delivered to your organization.

Spammers commonly forge sender email addresses when sending spam in order to make the spam email look like it was sent from a valid email address. If that spam cannot be delivered, an NDR is sent to the forged sender's email account.

BATV protects your organization by adding a signature to all of your outbound email. When an NDR arrives at your organization, BATV is used to check for a valid signature. If the signature does not exist or does not pass the security check, Email Security rejects the NDR. If the signature is authentic, the NDR is valid, and Email Security continues analyzing the NDR.

Greylisting discourages spam without permanently blocking a suspicious IP address. When greylisting is used, your Email Sever assumes that all new IP addresses that contact it are suspicious, and requires those addresses to retry connecting before it will accept the email.

When using "throttling", if the mail server receives "x" number of invalid emails from a given IP address, it defers future connections from that IP address for "x" number of hours.

All of the above techniques work very well for us. We have found that fighting spam requires multiple approaches to be extremely effective. As a result of our having posted our email addresses on the internet since 1996, we have fallen victim to those automated email address harvesters and probably appear on many, many spammers' lists.

The fact that our addresses have been exposed for so long, coupled with our active role in fighting spam has made us a target of the spammers.