Pardon my asking, but why would you want to enable/use tar pitting? What does it do other than slow down an SMTP conversation?
John H. Matteson, Jr. Systems Administrator/ITT Systems FOB Orgun-E Afghanistan DSN - 318 431 8001 VoSIP - (308) 431 - 0000 Iridium - 717.633.3823 Roshain - 079 - 736 - 3832 "In the first place, we should insist that if the immigrant who comes here in good faith becomes an American and assimilates himself to us, he shall be treated on an exact equality with everyone else, for it is an outrage to discriminate against any such man because of creed, or birthplace, or origin. But this is predicated upon the person's becoming in every facet an American, and nothing but an American... There can be no divided allegiance here. Any man who says he is an American, but something else also, isn't an American at all. We have room for but one flag, the American flag.. We have room for but one language here, and that is the English language... and we have room for but one sole loyalty and that is a loyalty to the American people." Teddy Roosevelt; 1907 -----Original Message----- From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Friday, June 06, 2008 5:49 AM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting When you said "it affects all recipients" that suggested (to me anyway) that both valid and invalid recipients would have a tarpit delay if tarpitting was enabled. Thank you for clarifying that that is not the case. To give the 100% correct summary: "Messages that are accepted and all recipients are valid are not delayed by tarpitting." Carl From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 8:17 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting It is all recipients - because it slows down any response that generates 5.x.x error code. That isn't just invalid recipients - but that is the most common use for its protection. It can also slow down malformed messages to valid recipients as well. http://support.microsoft.com/default.aspx?kbid=842851 Simon. ________________________________ From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: 06 June 2008 00:28 To: MS-Exchange Admin Issues Subject: RE: Tar Pitting I'm afraid that Carl is 100% correct for Exchange 2003, the version used by the OP. Perhaps a change was made in Exchange 2007, I can't verify that. Carl From: Simon Butler [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 5:05 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Where the problems come with tarpitting is when people set the time delay too long. To be effective it doesn't need to be more than 5 seconds. Carl isn't quite 100% correct in its behaviour. It affects all recipients, valid or not. The idea is that a spammer is slowed down when carrying out a directory harvest attack. I personally feel that you shouldn't enable recipient filtering without tarpit. Tarpit is enabled by default in Exchange 2007. Simon. -- Simon Butler MVP: Exchange, MCSE Amset IT Solutions Ltd. e: [EMAIL PROTECTED] w: www.amset.co.uk w: www.amset.info Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/ for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/ ________________________________ From: Don Andrews [mailto:[EMAIL PROTECTED] Sent: 05 June 2008 21:25 To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Got it - it's not IP based but single message based - if that makes sense. thanks ________________________________ From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 1:16 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting What is there to remember? Tarpitting is simply this: If you (the sending smtp server) tell me an invalid recipient, I am going to wait for the tarpit delay time before I reject it and allow you to continue the smtp conversation with me. From: Don Andrews [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 4:10 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting So, the tar pitting component does not remember from one message to the next - even in the same connection? ________________________________ From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 1:05 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting The only way I can fathom that legitimate mail could be affected would be when a message contains both valid and invalid recipients. This particular message would be delayed for the valid recipients by (number of invalid recipients) * (tarpit delay time). Unless there are dozens of invalid recipients included in this message, the delay would not be significant. Carl From: Bill Lambert [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 1:57 PM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Thanks, Carl. I had thought that it wouldn't affect performance but there was a statement in a MS article that said tar pitting may delay the delivery of legitimate mail. I appreciate the reply! Bill Lambert Concuity 847-941-9206 From: Carl Houseman [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 11:39 AM To: MS-Exchange Admin Issues Subject: RE: Tar Pitting Tarpitting only changes behavior for mail that can't be delivered. There's no effect on normal mail flow. If you "filter recipients who are not in the directory" and receive mail directly with no intervening relay host, you should definitely enable it. Carl From: Bill Lambert [mailto:[EMAIL PROTECTED] Sent: Thursday, June 05, 2008 12:20 PM To: MS-Exchange Admin Issues Subject: Tar Pitting I'm curious if any of you with Exchange 2003 that use recipient filtering also use the SMTP tar pit feature. If so, can you give comments on its effect on mail flow/performance if any? Thanks in advance for any advice/comments. Bill Lambert Windows System Administrator Concuity A healthcare division of Trintech, Inc. Phone 847-941-9206 Fax 847-465-9147 ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
