When is IMAIL can support the following feature?
Tarpitting (recommended)
They don't know what tarpitting is.
tarpitting is when a defending MTA intentionally "goes slow" with it SMTP responses to an attackers STMP commands, ie, the attacked MTA makes the attacker come through a sticky tar patch, in order to hold the attacker on line longer.
The fatal problem is that it also ties up the resources of the defending MTA.
Worse than fatal, the attacker often has many more resources to waste on the tarpitted attack than the attacked MTA has resouces to waste on tarpitting the attacker. So the tarpitting MTA risks DoSing itself with its own stupid defense.
This feature is very effective against Trial and Error Harvesting.
Their feature is effective if it works, but it's not tarpitting.
The most effective tarpitting action is to drop silently the TCP connection with the attacker as quickly as possible.
Administrators can configure VisNetic MailServer to check for unsuccessful attempts to deliver messages to unknown users by external or local non-existing users. If the number of attempts in a session exceeds the number specified by the Admin, the IP address of the sender will be remembered for that period and no access from that IP address will be allowed within that period. We recommend a count of 3-5 and a period of 60 to 240 min.
And, in supreme FUDness, that's not even tarpitting, it's simple blocking.
I�m working on a Imail add-on product that will do this kind of defense, and more. It will be cheap and effective when used as directed.
Len
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
