Tarpitting: Difference between revisions

From ASRG
Jump to navigationJump to search
(New page: {{ast |date=late 1990s |difficult=Medium |popular=Low |effective=Low |where=MTA |harm=Low }} Tarpitting involves keeping SMTP clients online as long as possible, on the theory that while ...)
 
No edit summary
 
Line 10: Line 10:
Tarpitting involves keeping SMTP clients online as long as possible, on the theory that while they are stuck in the tarpit they won't be delivering spam to someone else.  Tarpits were modestly effective when spamware was single threaded, but now that spam is typically delivered through farms of botnets, and both legitimate and illegitimate MTAs are typically multithreaded, there's little reason to think that they have any effect any more.
Tarpitting involves keeping SMTP clients online as long as possible, on the theory that while they are stuck in the tarpit they won't be delivering spam to someone else.  Tarpits were modestly effective when spamware was single threaded, but now that spam is typically delivered through farms of botnets, and both legitimate and illegitimate MTAs are typically multithreaded, there's little reason to think that they have any effect any more.


Some of the most sophisticated tarpits were reported to keep up to 4,000 simultaneous sessions active, and to keep some clients online for as much as several days by slowly feeding them endless numbers of server message continuing lines.
Some of the most sophisticated tarpits were reported to keep up to 4,000 simultaneous sessions active, and to keep some clients online for as much as several days by slowly feeding them endless numbers of server message continuation lines.


Some early tarpit software was developed in Germany, so the technique is also known by the German name ''teergrube''.
Some early tarpit software was developed in Germany, so the technique is also known by the German name ''teergrube''.

Latest revision as of 23:43, 12 August 2008

Anti-spam technique: Tarpitting
Date of first use: late 1990s
Effectiveness: Low
Popularity: Low
Difficulty of implementation: Medium
Where implemented: MTA
Harm: Low


Tarpitting involves keeping SMTP clients online as long as possible, on the theory that while they are stuck in the tarpit they won't be delivering spam to someone else. Tarpits were modestly effective when spamware was single threaded, but now that spam is typically delivered through farms of botnets, and both legitimate and illegitimate MTAs are typically multithreaded, there's little reason to think that they have any effect any more.

Some of the most sophisticated tarpits were reported to keep up to 4,000 simultaneous sessions active, and to keep some clients online for as much as several days by slowly feeding them endless numbers of server message continuation lines.

Some early tarpit software was developed in Germany, so the technique is also known by the German name teergrube.