List bombing refers to the practice of abusing and attacking email list sign-up pages by bombarding them with a large number of new email addresses at the same time. What appears to be a spike in signups is actually a cyber attack. This doesn't necessarily mean we are under attack – our forms and lists may only be a tool the attackers are using – but whether we're the intended victim or collateral damage, leaving our systems open poses a significant risk. Clients could have harmful data (i.e., spam traps) injected into their lists, and domain/IP reputation could be damaged if there's suspicious traffic.

The best solution for list bombing is to place a hidden honeypot field and implement CAPTCHA on all forms. Some anti-spam/anti-abuse organizations are now flagging domains that have unprotected forms on their site(s). For clients who do not protect their forms with either a hidden field or CAPTCHA, we mitigate the problem by blocking list-bombers based on signup activity by IP. This is an imperfect solution, as it is reactive, not preventative.
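The two controls described above, the hidden honeypot field and blocking by per-IP signup activity, can be sketched as one server-side screen. This is an added example, not code from our systems: the field name `website`, the 10-minute window, the limit of 5 signups per IP and the sample events are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed values for illustration; the page does not state thresholds.
WINDOW = timedelta(minutes=10)
MAX_SIGNUPS_PER_IP = 5
HONEYPOT_FIELD = "website"  # hypothetical hidden field; real users leave it empty


def screen_signups(events):
    """Return (accepted, rejected, flagged_ips) for events with 'ts', 'ip', 'email'."""
    recent = defaultdict(deque)   # ip -> timestamps inside the sliding window
    accepted, rejected, flagged = [], [], set()
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        # Preventative check: a bot that fills every input trips the honeypot.
        if (ev.get(HONEYPOT_FIELD) or "").strip():
            rejected.append((ev["email"], "honeypot"))
            continue
        # Reactive check: count signups per IP within the sliding window.
        q = recent[ev["ip"]]
        while q and ts - q[0] > WINDOW:
            q.popleft()
        q.append(ts)
        if len(q) > MAX_SIGNUPS_PER_IP:
            flagged.add(ev["ip"])
            rejected.append((ev["email"], "rate"))
            continue
        accepted.append(ev["email"])
    return accepted, rejected, sorted(flagged)


def sample_events():
    """Constructed sample data (documentation IP ranges, example.com addresses)."""
    events = [{"ts": f"2024-01-01T12:00:{i:02d}", "ip": "203.0.113.7",
               "email": f"user{i}@example.com", "website": ""} for i in range(8)]
    events.append({"ts": "2024-01-01T12:01:00", "ip": "198.51.100.4",
                   "email": "bot@example.com", "website": "http://spam.example"})
    events.append({"ts": "2024-01-01T12:02:00", "ip": "192.0.2.10",
                   "email": "reader@example.com", "website": ""})
    return events


if __name__ == "__main__":
    print(screen_signups(sample_events()))
```

The first five signups from the burst IP are accepted before the limit trips, which is why the IP-based block is reactive: those addresses are already on the list by the time the IP is flagged.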

This page explains the procedure for identifying, blocking and documenting IP addresses identified as list-bombers, based on the "Possible IP List Bombing" emails delivered to the deliverability@14west.us inbox.

...