Transparent SMTP proxy
Encyclopedia
SMTP proxies are specialized Mail Transfer Agent
s (MTAs) that, similar to other types of proxy server
s, pass SMTP sessions through to other MTAs without using the store-and-forward approach of a typical MTA. When an SMTP proxy receives a connection, it initiates another SMTP session to a destination MTA. Any errors or status information from the destination MTA will be passed back to the sending MTA through the proxy.
More commonly is when SMTP proxies are placed on the incoming network where they typically are used in the integration of anti-spam techniques into MTAs, the creation of e-mail hubs for load balancing, or to forward e-mail from a company-wide domain name to individual department mail servers. By using a proxy instead of the more common store-and-forward method of relaying e-mail, backscatter
can be greatly reduced.
An advantage of SMTP proxies is that they work with any already installed mail server. If one decides to switch to a different MTA, they can still use the same SMTP proxy.
Certain SMTP proxies implement connection
management, which ensures that no matter how big a spike in traffic coming from the outside (e.g. a virus outbreak or a DoS attack
), the back-end mail server will not receive more connections than it can handle.
Some proxies can implement throttling
- where suspect SMTP connections are slowed down. When slowed down, spammers typically give up (since they need to deliver huge volumes of email), whereas legitimate senders don't mind waiting a few minutes. This is a lenient version of tarpitting.
Throttling is hard to implement in a non-SMTP proxy solution, since each throttling connection holds up a usually heavy-weight process or thread, whereas a proxy can be implemented as a very efficient asynchronous I/O solution which can juggle thousands of connections at once.
Another reason to use a proxy is that while the DNS
allows multiple MX record
s which can be used to spread the load of incoming e-mail across multiple servers, DNS is not the best method for load balancing
. Also, DNS cannot easily allow more than about a dozen MX records, limiting the total number of incoming mail servers, which can be a problem for many large ISPs and corporations. By using transparent SMTP proxies, it is possible to improve the load balancing and increase the number of back-end mail servers.
Mail transfer agent
Within Internet message handling services , a message transfer agent or mail transfer agent or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture...
s (MTAs) that, similar to other types of proxy server
Proxy server
In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server...
s, pass SMTP sessions through to other MTAs without using the store-and-forward approach of a typical MTA. When an SMTP proxy receives a connection, it initiates another SMTP session to a destination MTA. Any errors or status information from the destination MTA will be passed back to the sending MTA through the proxy.
Uses
When SMTP proxies are placed on the outgoing network, they typically are used to intercept all SMTP connections to make sure that unauthorized e-mail, spam, e-mail worms, etc. are not sent from the network. This is common on internet connections provided by hotels, company networks, and some ISPs and is discussed in RFC 5068.More commonly is when SMTP proxies are placed on the incoming network where they typically are used in the integration of anti-spam techniques into MTAs, the creation of e-mail hubs for load balancing, or to forward e-mail from a company-wide domain name to individual department mail servers. By using a proxy instead of the more common store-and-forward method of relaying e-mail, backscatter
Backscatter (e-mail)
Backscatter is incorrect automated bounce messages sent by mail servers, typically as a side effect of incoming spam....
can be greatly reduced.
An advantage of SMTP proxies is that they work with any already installed mail server. If one decides to switch to a different MTA, they can still use the same SMTP proxy.
Certain SMTP proxies implement connection
Transmission Control Protocol
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
management, which ensures that no matter how big a spike in traffic coming from the outside (e.g. a virus outbreak or a DoS attack
Denial-of-service attack
A denial-of-service attack or distributed denial-of-service attack is an attempt to make a computer resource unavailable to its intended users...
), the back-end mail server will not receive more connections than it can handle.
Some proxies can implement throttling
Bandwidth throttling
Bandwidth throttling is a reactive measure employed in communication networks to regulate network traffic and minimize bandwidth congestion. Bandwidth throttling can occur at different locations on the network. On a local area network , a sysadmin may employ bandwidth throttling to help limit...
- where suspect SMTP connections are slowed down. When slowed down, spammers typically give up (since they need to deliver huge volumes of email), whereas legitimate senders don't mind waiting a few minutes. This is a lenient version of tarpitting.
Throttling is hard to implement in a non-SMTP proxy solution, since each throttling connection holds up a usually heavy-weight process or thread, whereas a proxy can be implemented as a very efficient asynchronous I/O solution which can juggle thousands of connections at once.
Another reason to use a proxy is that while the DNS
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
allows multiple MX record
MX record
A mail exchanger record is a type of resource record in the Domain Name System that specifies a mail server responsible for accepting email messages on behalf of a recipient's domain, and a preference value used to prioritize mail delivery if multiple mail servers are available...
s which can be used to spread the load of incoming e-mail across multiple servers, DNS is not the best method for load balancing
Load balancing (computing)
Load balancing is a computer networking methodology to distribute workload across multiple computers or a computer cluster, network links, central processing units, disk drives, or other resources, to achieve optimal resource utilization, maximize throughput, minimize response time, and avoid...
. Also, DNS cannot easily allow more than about a dozen MX records, limiting the total number of incoming mail servers, which can be a problem for many large ISPs and corporations. By using transparent SMTP proxies, it is possible to improve the load balancing and increase the number of back-end mail servers.
Types of SMTP Proxies
SMTP proxies come in a few fundamental flavors:- SynchronousSynchronization (computer science)In computer science, synchronization refers to one of two distinct but related concepts: synchronization of processes, and synchronization of data. Process synchronization refers to the idea that multiple processes are to join up or handshake at a certain point, so as to reach an agreement or...
- each SMTP client connection causes the proxy to establish a single connection with a downstream mail server. See the open source smtp-gated project for an example of a simplex SMTP proxy. - MultiplexingMultiplexingThe multiplexed signal is transmitted over a communication channel, which may be a physical transmission medium. The multiplexing divides the capacity of the low-level communication channel into several higher-level logical channels, one for each message signal or data stream to be transferred...
- the proxy establishes downstream connections only as needed; this is done to protect the downstream mail server from excessive connection concurrency. - Transparent - the proxy is inserted into the network between clients and servers and masquerades itself in such a way that the client and server believe they are talking directly to each other, even though there is a proxy in the middle. The commercial "MailChannels Outbound" product from MailChannelsMailChannelsMailChannels Corporation is an anti-spam technology company founded in 2004 and based in Vancouver, British Columbia. The firm was created by some former employees of ActiveState to develop new techniques for fighting spam. The company's first product, "Traffic Control," is a software-based SMTP...
implements a transparent proxy. Policy-based routingPolicy-based routingIn computer networking, policy-based routing is a technique used to make routing decisions based on policies set by the network administrator....
may be used to route SMTP traffic through a transparent SMTP proxy.
See also
- Anti-Spam SMTP ProxyAnti-Spam SMTP ProxyThe Anti-Spam SMTP Proxy server project is an Open Source, Perl based, platform-independent transparent SMTP proxy server available at SourceForge.net that leverages numerous methodologies and technologies to both rigidly and adaptively identify e-mail spam...
- MailChannelsMailChannelsMailChannels Corporation is an anti-spam technology company founded in 2004 and based in Vancouver, British Columbia. The firm was created by some former employees of ActiveState to develop new techniques for fighting spam. The company's first product, "Traffic Control," is a software-based SMTP...
- TurnTideTurnTideTurnTide Inc. was an anti-spam technology company founded in 2004 and based in Conshohocken, Pennsylvania. The firm was created as a spin-off corporation from privacy and anti-spam technology firm ePrivacy Group to bring to market the world's first anti-spam router...
- E-mail hub MX based load-balancing and simple failover.
- X-Originating-IPX-Originating-IPThe X-Originating-IP Email header field is a de facto standard for identifying the originating IP address of a client connecting to a mail server.- Format :The general format of the field is:...