How to: Enable Tarpitting to Reduce Spam ¶

Tarpitting is when a server identifies a client’s abnormal email operations, and slows down or “tarpits” the process. Further information can be found here.

With tarpitting enabled, if a sender attempts to issue commands to the mail server before the banner, the connection is dropped. Example:

[root@server ~]# telnet test.corp.interworx.com 25
Trying 10.1.16.999...
Connected to test.corp.interworx.com.
Escape character is '^]'
HELO test 554
SMTP protocol violation
Connection closed by foreign host.
[root@server ~]#

Enabling both tarpitting and greylisting can be even more effective in reducing spam. Documentation on how to enable greylisting can be found here.

Contents

How to: Enable Tarpitting to Reduce Spam
- To Enable Tarpitting

To Enable Tarpitting ¶

Log in to the server at the CLI as root, either via SSH or from the terminal
At the CLI, use the text editor to open /etc/tcprules.d/tcp.smtp. By default, the contents of the file should look similar to the following:
```
127.:allow,RELAYCLIENT=""
::1:allow,RELAYCLIENT=""
:allow,LANG="en_US",QMAILQUEUE="/var/qmail/bin/simscan",CHKUSER_MBXQUOTA="99"
```

At the end of the line beginning with :allow, add GREETDELAY="5",DROP_PRE_GREET="1"

127.:allow,RELAYCLIENT=""
::1:allow,RELAYCLIENT=""
:allow,LANG="en_US",QMAILQUEUE="/var/qmail/bin/simscan",CHKUSER_MBXQUOTA="99",GREETDELAY="5",DROP_PRE_GREET="1"

Save and exit the text editor

At the CLI, run the command ~vpopmail/bin/clearopensmtp

[root@server ~]# ~vpopmail/bin/clearopensmtp
[root@server ~]#

How to: Enable Tarpitting to Reduce Spam¶

To Enable Tarpitting¶

How to: Enable Tarpitting to Reduce Spam ¶

To Enable Tarpitting ¶