Knowledgebase
Downloads
RSS
Website
Home / UTM Platform / Manual / Email Protection / Antispam / Greylisting & Tarpit / What is a Tarpit?

What is a Tarpit?
Article ID: 37
Last updated:
Print
Export to PDF
Views: 300

What is the practice of tarpitting an email? This question has a twofold answer:

  • it's the practice of inserting a small sleep in an SMTP session for each RCPT TO command, after some set number of RCPT TO commands. The idea is to thwart spammers who would hand your SMTP server a single message with a long list of RCPT TOs. If a spammer were to attempt to use your server to relay a message with, say, 10,000 recipients, and you inserted a growing delay for each recipient after the fiftieth, the spammer would be "tarpitted," and would most likely assume that his connection had stalled and give up.
  • it's the practice of inserting a delay during all (or some) of the steps of an SMTP session with the same purpose of thwarting spammers and virus senders. However, this practice will also incur a delay to any legitimate emails that reaches the tarpit-protected MTA.

A tarpit uses even lower resources than a greylisting solution and can be very easily controlled. The tarpit can be run in parallel with a greylisting system, augmenting each other.
Just like greylisting, a tarpit is a low-cost, low-maintenance solution that fights spam and virused emails using very few system resources. Also, if properly calibrated, the rate of false positives should be very close to 0 (considering that all the legitimate MTAs abide to RFC821 where SMTP is described).

Figure 6-2
Prev   Next
What is Greylisting?     Greylisting Configuration

Powered by KBPublisher (Knowledge base software)

(c) Copyright 2008-2010 S.C. Syneto S.R.L. Romania