We've recently been black listed for hitting a spam trap. The probem is that I don't understand the description very well:
Type: Project Honey Pot IPs Engaged In Dictionary Attacks On Your Network: 18.104.22.168 (D) Mon, 18 Jan 2016 10:19PM PST Dictionary-Attack-Username: puk Mon, 18 Jan 2016 10:19PM PST Dictionary-Attack-Username: jb
Can someone help me understand what: Dictionary-Attack-Username: puk and Dictionary-Attack-Username: jb mean?
How can I solve this efficiently, and where to look at?
I'd like to mention that following the Best practices in this case does not help me very much.
I believe this means you are using the email dictionary from the domain to email people who have not opted in to your email campaign
So this would be a guessing algorithm or a list that was scraped or interpolated?
I would call Support or the Deliverability Team because if this is a shared IP, then you may not be responsible for this and they can move you to another IP.
Mihai, a dictionary attack is when a server attempts to send mail to a list of common and/or short usernames in the expectation that as "OG addresses" they are likely to exist. For example, here your Marketo IP was used to send mail to email@example.com and firstname.lastname@example.org (it could also be two different domains) where the mail server for those domain(s) is a honeypot, a.k.a. a server used by the spamfighting organization Project Honeypot specifically to catch spammers. Even if those addresses exist, anyone using them is considered malicious. This is a common problem with purchased lists, which are polluted with addresses that, while extant, are actually gathered from honeypots.