Spammers constantly seek new valid email addresses to add to their lists.

Valid, confirmed email addresses are considered hard currency amongst spammers and are often sold or traded between spam gangs. While most email addresses are still collected from web pages, usenet news groups or domain registration information - Directory Harvest Attacks (DHAs) are becoming increasingly popular.

DHAs are something spammers use to collect as many valid email addresses as possible from a specific email server, for a specific domain. In a normal SMTP (email) conversation the sending mail server contacts the receiving mail server, saying it has an email message for (as an example) <firstname.lastname@domain.com>

The target mail server normally responds with a confirmation; the user is valid and the message is accepted - or there is no such user listed and any messages to this user is rejected.

Spammers abuse this by bombarding the email server with different combinations of addresses, such as george@company.com, george.smith@company.com, gsmith@company.com and so on.

Millions of combinations can be tried in a very short time frame.
Any address not rejected by the email server can safely be considered valid by the spammer.

Not only will your server be extremely busy serving these bogus requests, most likely disrupting the normal email flow - most of your email catalogue will be stolen by the spammer. 

Messagewash™ protects your email catalogue against Directory Harvest Attacks by blocking all attempts to verify any specific user.