I just encountered new one (to me). Which was truly brute force spamming.
Spammer bot connected smtp server directly and started scanning email addresses. By brute force! That's rude!
In Spamgourmet's case that's not very effective. But in some cases it is. Because many users prefer short addresses.
Bot went trough all addresses shorter than 6 chars.
[a-z][A-Z][0-9] that's funny.
So it seems that smtp server needs to be modified to block those attacks, there is no easy configuration options anymore. Like drop smtp session after thee invalid addresses has been encountered. Or something like that.
Is that reason why spamgourmet says:
<ksjdf@spamgourmet.com>: host gourmet.spamgourmet.com[216.75.35.164] said: 554
5.7.1 ERRINV: rejected - no such user or invalid syntax (in reply to RCPT
TO command)
Even I though that spamgourmet wouldn't bounce...
Has that been changed lately?