About a day and a half ago an unknown entity began trying to log in to our email server, obviously to send spam, using hundreds of different IP addresses from all around the world. This is what's called a distributed attack.
They were trying to login with credentials <user>@<domain>, the domain belongs to one of our free hosting clients, a regional skeptics blog from Boston, however the user name the attacker was using does not exist within that domain so there was no chance they could ever succeed.
Every time our highly advanced firewall bans an IP I get an email about it. For a little over a day I spent lots of time marking these emails as read to clear my inbox. That is the extent of the harm caused by this attacker.
Here is a typical email, unedited.
They finally gave up, or ran out of cash to rent a botnet.
Firewall good, spammers bad. We win.