An attempt to send spam, based on guessing usernames instead of using a list of known addresses.

The name comes from the Grimm fairy tale/fairy story Rumpel-stilts-kin, in which a woman wins her freedom from a Faustian bargain by guessing (actually, eavesdropping to learn) the true name of the other party to the contract.

A Rumpelstiltskin attack simply uses common names and usernames...

RCPT TO: <smith>
RCPT TO: <jones>
RCPT TO: <mukherjee>
RCPT TO: <lopez>
RCPT TO: <gandalf>

...until one of them succeeds. Then the address gets added to a list of existing addresses, and the attack resumes.

SOURCE: Spotted on http://slashdot.org/article.pl?sid=01/04/18/164257

Log in or register to write something here or to contact authors.