I've come to the realization that if you run a compliant mail server (with DKIM, DMARC and SPF) then you become a target for brute-force password attacks because those Spammers do like their mail to be delivered reliably.
This seems to work in practice. I've noticed a lot of Spam, incoming, which passes all those checks and it only gets sent to my Junk folder due to the excellent efforts of Bogofilter.
If you run a mail server, make sure it'll stand up to these attacks.
