List bombing refers to the practice of abusing and attacking email list sign-up pages by bombarding them with a large number of new email addresses at the same time. What appears to be a spike in signups is actually a cyber attack. This doesn't necessarily mean we are under attack – our forms and lists may only be a tool the attackers are using – but whether we're the intended victim or collateral damage, leaving our systems open poses a significant risk.
The best solution for list bombing is to place a hidden honeypot field and implement captcha on all forms. For clients who do not protect their forms with either a hidden field or captcha, we mitigate the problem by blocking list-bombers based on signup activity by IP.
This page explains the procedure for identifying, blocking and documenting IP addresses identified as list-bombers, based on the "Possible IP List Bombing" emails delivered to the deliverability@14west.us inbox.
...