Invalid requests for SMTP receive connectors

Some participants on the Internet try to overload other email servers by sending invalid requests (so-called denial-of-service attacks) or exploit security holes to break into servers. In order to minimize these attacks, you can specifically slow down such requests, for example by using the so-called tarpitting.

Settings for invalid requests when configuring SMTP receive connectors

Behaviour when receiving invalid SMTP commands

Blocking of IP addresses The blocking serves to specifically slow down servers that have already been identified as spam senders. If a server sends an email to your NoSpamProxy and it is classified as spam, subsequent emails from the same sending server will be blocked for the specified time period.

A regular email sender will make a new attempt to deliver the email after this period.

A spammer is likely to abort delivery and focus on unprotected email recipients. Use the Blocking for suspicious IP addresses radio button to set or turn off the option to block suspicious IP addresses. With the slider for the Blocking period you can set the duration of the blocking from 5 minutes to one day (1440 minutes).

Tarpitting Tarpitting is a method of slowing down email relays that do not follow the RFC for SMTP command sets and/or their correct order. As soon as an SMTP command is transmitted incorrectly or in the wrong place, NoSpamProxy waits five seconds with its response for each subsequent command. The transfer of the commands is thus artificially aggravated as if taking the route through a tar pit, hence the name tarpitting.

With the slider for the tarpitting level you can set by how many seconds NoSpamProxy Protection delays the response. If you set the slider to Low, the gateway will wait 2 seconds. Medium results in a 5 second delay and High results in a 10 second delay.