Configuring tarpitting options in SecurityGateway Print

This article explains how to configure SecurityGateway to utilize tarpitting, which is a technique that introduces a small amount of time between processing of incoming messages. This can discourage spammers and other abusers from attempting to send out messages through your server.

From the Dashboard, after logging in:

1. Click on Security in the lower-left corner
2. Locate the Anti-Abuse section
3. Click on Tarpitting

You may then configure the following options:

• Activate tarpitting

  SecurityGateway will deliberately delay the processing of response to certain SMTP commands for a specified amount of time, to help discourage abuse. By default, this is disabled.

• SMTP EHLO/HELO delay (in seconds)

  This is the amount of time that SecurityGateway will delay before responding to an incoming session's EHLO/HELO command. By default, this is set to 0 for no delay.

• Authenticated IPs experience a single HELO/EHLO delay per day

  If a connecting session authenticates with a username and password, any other connection from that same IP for the rest of the day will not be subjected to a delay after the EHLO/HELO command is given, as above. By default, this is disabled.

• SMTP RCPT tarpit threshold

  Any RCPT TO command given by the incoming server before this amount will not be subject to tarpitting rules. Once the threshold is hit, tarpitting begins. By default, this is set to 5 recipients.

• SMTP RCPT tarpit delay (in seconds)

  This is the amount of time that SecurityGateway will delay before responding to an incoming session's RCPT TO command. By default, this is set to 10 seconds.

• Scaling Factor

  If you wish, you can increase the amount of time SecurityGateway delays before responding to an incoming session by a multiple, so multiple RCPT TO commands are delayed for longer periods of time. For example, with the default value of 10 seconds above, and a scaling factor of 1.5, the next RCPT TO command will be delayed by 15 seconds, the third by 20 seconds, and so on. By default, this is set to 1.0, for no scaling.

• Exclude messages from whitelisted IP addresses and hosts

  If the sending host or IP address is on the server's whitelist, then SecurityGateway will not tarpit the connection. By default, this is enabled.

• Exclude messages from authenticated sessions

  If the connecting session authenticates with a username and password on the SecurityGateway server, then SecurityGateway will not tarpit the connection. By default, this is enabled.