Abstract

One of the most effective and after all very simple way of filtering spam is to perform an artificial short time transaction delay during the SMTP dialogue.

Full text

PRAGUE 08/01/2005: E-mail messages are sent using Simple Mail Transfer Protocol (SMTP). Designed for this purpose a TCP/IP connection to the Mailer eXchange (MX) host of the e-mail recipient is set up. Normally a server machine should be able to hold on approx. 60000 TCP/IP connections from or to any particular port. Of course, usually this number is many times less due to servers limited resources (Internet connectivity, hardware, software, etc.).

When it comes to incoming SMTP session spammers and viruses senders are very eager to send and deliver the mail to the recipient and are too impatient to wait for the servers SMTP response.

If it would be possible to hold an incomming SMTP connection open (i.e. for a couple seconds or minutes), the efficence of spammers sending e-mails trought sending machines is dramatticaly reduced. Most of the spam messages and almost all e-mail viruses are delivered to your server machine by a specialized SMTP client software, programmed to send through vast amounts of mails in short span of time.

Merak Instant AntiSpam offers you the possiblity to inject such time delay into the SMTP session, in particular before every single incoming SMTP connection. For a single user sending one or two (or even hundred when using an mailing list) emails at a moment, the time is unlikely to be noticed. Moreover the trusted IPs are bypassed by default, so legitimate senders are not affected at all. On the other hand for a bulk e-mailer such as a spammer, the small delays sum up, making this short spans of time big and then it takes too long to send thousands or even millions of emails.

Thanks to this easy but advanced trick, according to our own tests, as much as 50% of spam and virus containing e-mails never reaches the Merak Email Server for the Anti-Spam analysis. It is a kind of paradox to use and save your Internet resources by slowing them down.

After all, the RFC 2821 instructs that the client (sending host) should wait for several minutes for the SMTP response. To sum the thing up: 5-15 seconds time delay is about as long as you can bear before you start to notice the regular mails slowdown.

About IceWarp

IceWarp, Ltd. was started in 1999 with the development of Merak version 1. Merak’s exceptional product stability, performance and reliability quickly escalated its global adoption rate with ISPs and businesses. Over the years, IceWarp has maintained a technology leadership position by continuing to advance Merak through many industry-firsts, including:

Contact address

IceWarp Ltd. is located at City House, 6 Karaiskakis street, CY-3040 Limassol, Cyprus

info@icewarp.com