Recently, there’s some talk about list bombing. What does this actually mean?
While ISPs concentrate on attacks from a single IP (or IP range) or sending domain, listbombing uses various subscription forms for sending just a few mails from each.
Problem for the targeted address is, that a lot of mails are coming in in a small amount of time without consistent pattern – goal is to make the address unavailable for a specific time.
DOI doesn’t help here as well, because the DOI confirmation mail itself can be part of the attack and be used for it.