Tarpitting is a technique used to slow down or delay email spammers or other automated systems that attempt to abuse a network service by sending a large number of requests. The goal of tarpitting is to make it more difficult and time-consuming for the attacker to carry out their attacks, thereby reducing the attacks’ overall volume.
In email systems, tarpitting works by delaying the response to an incoming email, typically by adding a delay between each SMTP response from the mail server. This can make the attacker’s software wait longer for a response, slowing down their ability to send additional spam messages. Tarpitting can also be used to slow down other network services (for example, web servers) by adding a delay to responses to requests from specific IP addresses or ranges.
Tarpitting improves network performance by slowing down the rate at which requests can be made to a network service and reducing the load on the service. The same technique works to prevent denial-of-service attacks because the hackers can’t overload the network with requests and crash it.
In database servers, tarpitting limits the number of queries that can be executed in a given time period. For example, the server may allow only 10 queries per minute from a specific IP address. If the attacker exceeds this limit, the server might start delaying the response time for subsequent queries from that IP address.