Mini dictionary attack

I do various grep searches on my log files in order to spot problems. And I found another type of dictionary attack.

And this one illustrates how short-sighted many people are when they choose e-mail addresses. These are the addresses tried in one such attack:

accounting@domain.com
administrator@domain.com
admin@domain.com
advertising@domain.com
contact@domain.com
help@domain.com
home@domain.com
info@domain.com
mail@domain.com
majordomo@domain.com
postmaster@domain.com

And in a very similar dictionary attack, I found this in addition:

accounts@domain.com
billing@domain.com
root@domain.com
sales@domain.com
support@domain.com
webmaster@domain.com

These addresses should be avoided. In fact, try to make your addresses hard to guess, but still memorable.

The problem is of course that if you avoid the postmaster address, you open yourself to other problems. The postmaster address should at the very least be open on the root domain of the webserver, but I’m torn when it comes to small domains used by one to six people. I mean, most of them don’t read the postmaster account anyway.
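The kind of log search described in this post, as an added example (not the author's own grep commands): it flags any client that tries several of the role addresses listed above. The log format, the threshold and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Local parts taken from the two address lists in the post.
ROLE_NAMES = {
    "accounting", "administrator", "admin", "advertising", "contact", "help",
    "home", "info", "mail", "majordomo", "postmaster", "accounts", "billing",
    "root", "sales", "support", "webmaster",
}

# Assumed, simplified log format (not any particular mail server's):
#   <timestamp> client=<ip> rcpt=<address> status=<accepted|rejected>
LINE_RE = re.compile(r"client=(?P<ip>\S+)\s+rcpt=<(?P<local>[^@>]+)@(?P<domain>[^>]+)>")

# Constructed sample lines; the IPs come from documentation ranges.
SAMPLE_LOG = """\
2024-01-01T10:00:01 client=203.0.113.7 rcpt=<accounting@domain.com> status=rejected
2024-01-01T10:00:02 client=203.0.113.7 rcpt=<administrator@domain.com> status=rejected
2024-01-01T10:00:02 client=203.0.113.7 rcpt=<Admin@domain.com> status=rejected
2024-01-01T10:00:03 client=203.0.113.7 rcpt=<admin@domain.com> status=rejected
2024-01-01T10:00:03 client=203.0.113.7 rcpt=<advertising@domain.com> status=rejected
2024-01-01T10:00:04 client=203.0.113.7 rcpt=<contact@domain.com> status=rejected
2024-01-01T10:02:10 client=198.51.100.20 rcpt=<postmaster@domain.com> status=accepted
2024-01-01T10:02:11 client=198.51.100.20 rcpt=<jane.doe@domain.com> status=accepted
2024-01-01T10:03:30 client=192.0.2.9 rcpt=<info@domain.com> status=rejected
2024-01-01T10:03:31 client=192.0.2.9 rcpt=<sales@domain.com> status=rejected
2024-01-01T10:05:00 connection closed
"""

def find_role_probes(lines, threshold=4):
    """Return {client_ip: sorted role names tried} for every client that
    tried at least `threshold` distinct role addresses."""
    tried = defaultdict(set)
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not a recipient line
        local = m.group("local").lower()  # Admin@ and admin@ are one guess
        if local in ROLE_NAMES:
            tried[m.group("ip")].add(local)
    return {ip: sorted(names) for ip, names in tried.items() if len(names) >= threshold}

if __name__ == "__main__":
    for ip, names in find_role_probes(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {len(names)} role addresses tried: {', '.join(names)}")
```

The check counts attempts rather than rejections, so a probe still shows up when postmaster is left open and accepts mail.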
