This sounds very similar to the "callback" mechanism employed by (for
example) Verizon. [...]
This is pretty effective from Verizon's viewpoint, but bombards any
forged domains with HELO/MAIL FROM:<>/RCPT TO:<...>/QUIT, which some
of those domains interpret as an attack.
Not incorrectly, either, IMO.
After all, by doing this, Verizon has turned themselves into a perfect
dictionary-attack launderer; that is, the victim cannot tell who is
actually dictionary-attacking them. (Or even *whether*; the difference
between a spam run with forged senders and a dictionary attack is
approximately none from the victim's immediate point of view.)
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML
mouse(_at_)rodents(_dot_)montreal(_dot_)qc(_dot_)ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg