What does "Dictionary attack supression rejecting" means?

The following is shown at the message tracker:

[140689295795968] 2020-05-07 09:49:38 (SMTP)<199073> [g->c] 450 Requested mail action not taken [140689295795968] 2020-05-07 09:49:38 (SMTP)<199073> [c->g] RCPT TO:<email@example.com <mailto:email@example.com > > [140689295795968] 2020-05-07 09:49:38 (SMTP)<199073> Dictionary attack supression rejecting address: email@example.com <mailto:email@example.com >

I can't find anything about this message, could someone tell me something about this?

  • Hello,

    the dictionary attack has the following "reason".

    A dictionary attack is an attack where senders try to miss-use the mail-command to send in mails

    For example if messages are send to "various words in a dictionary"@example.com at some point these messages are accepted as valid recipients as a valid mail-address might have been found randomly.

    SMG is keeping track of "wrong commands/recipients". If a sender tries to send out messages to wrong, not RFC-valid recipients this brings up a dictionary attach.

    In this example you posted the SMTP-Command used by the sender.

    RCPT TO:<email@example.com <mailto:email@example.com > >

    the command is not rfc valid and wrong. A corrected command for example should look like this:

     RCPT TO:"username" <userc@d.bar.org>

    The command tries to use the mailserver for relaying.

    As the example recipient does not exist (example.com-domain)

    SMG is "noticing this and bringing up the dictionary attack suppression.

     

    A bit further on dictionary attack spam:

    http://blog.onlymyemail.com/dictionary-attack-spam/

    Regards,

     

    Georg