T. Eggendorfer and J. Keller (Germany)
Spam, SMTP, tar pit, proxy, simulation, bridge
Today, according to some statistics up to 90% of all emails received are unsolicited commercial emails (UCE, spam). This huge amount of spam would render email unusable if there was no way to filter spam. Most current filtering approaches rely on some kind of content analysis, which is the analogon to signature files for anti virus software. Both require constant maintenance to keep up with spammers learning from filters and both require computing power on the receiving mail server. An ideal solution would neither consume computing power nor require maintenance. Our approach is to take advantage of spammers' bulk mailers' terse time outs to avoid being trapped by a SMTP tar pit. To do so, a “stuttering” SMTP proxy has been implemented, simulating a tar pit only for a configurable time during the connection. To simplify the installation procedure and to have a transparent solution, the SMTP proxy has been implemented on a network bridge. This paper reports on the effectiveness of a SMTP tar pit simulator in reducing spam the protected mail server has to deal with.
Important Links:
Go Back
