I'm afraid that Carl is 100% correct for Exchange 2003, the version used by the OP. Perhaps a change was made in Exchange 2007, I can't verify that.
Carl From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 5:05 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Where the problems come with tarpitting is when people set the time delay too long. To be effective it doesn't need to be more than 5 seconds. Carl isn't quite 100% correct in its behaviour. It affects all recipients, valid or not. The idea is that a spammer is slowed down when carrying out a directory harvest attack. I personally feel that you shouldn't enable recipient filtering without tarpit. Tarpit is enabled by default in Exchange 2007. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ _____ From: Don Andrews [mailto:[EMAIL PROTECTED] Sent: 05 June 2008 21:25 To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Got it - it's not IP based but single message based - if that makes sense. thanks _____ From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 1:16 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting What is there to remember? Tarpitting is simply this: If you (the sending smtp server) tell me an invalid recipient, I am going to wait for the tarpit delay time before I reject it and allow you to continue the smtp conversation with me. From: Don Andrews [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 4:10 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting So, the tar pitting component does not remember from one message to the next - even in the same connection? _____ From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 1:05 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting The only way I can fathom that legitimate mail could be affected would be when a message contains both valid and invalid recipients. This particular message would be delayed for the valid recipients by (number of invalid recipients) * (tarpit delay time). Unless there are dozens of invalid recipients included in this message, the delay would not be significant. Carl From: Bill Lambert [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 1:57 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Thanks, Carl. I had thought that it wouldn't affect performance but there was a statement in a MS article that said tar pitting may delay the delivery of legitimate mail. I appreciate the reply! Bill Lambert Concuity 847-941-9206 From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 11:39 AM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Tarpitting only changes behavior for mail that can't be delivered. There's no effect on normal mail flow. If you "filter recipients who are not in the directory" and receive mail directly with no intervening relay host, you should definitely enable it. Carl From: Bill Lambert [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 12:20 PM To: MS-Exchange Admin Issues Subject: Tar Pitting I'm curious if any of you with Exchange 2003 that use recipient filtering also use the SMTP tar pit feature. If so, can you give comments on its effect on mail flow/performance if any? Thanks in advance for any advice/comments. Bill Lambert Windows System Administrator Concuity A healthcare division of Trintech, Inc. Phone 847-941-9206 Fax 847-465-9147 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
