SMTP proxies are specialized

mail transfer agent The mail or post is a system for physically transporting postcards, letters, and parcels. A postal service can be private or public, though many governments place restrictions on private systems. Since the mid-19th century, national postal syst ...

s (MTAs) that, similar to other types of

proxy server In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. Instead of connecting directly to a server that can fulfill a request ...

s, pass

SMTP The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typical ...

sessions through to other MTAs without using the store-and-forward approach of a typical MTA. When an SMTP proxy receives a connection, it initiates another SMTP session to a destination MTA. Any errors or status information from the destination MTA will be passed back to the sending MTA through the proxy.

Uses

SMTP proxies are commonly used to process and filter inbound and outbound email traffic.

Inbound SMTP proxying

SMTP proxies often serve as the initial, network-facing layer in an email system, processing SMTP connections from clients before forwarding data to a second layer of

mail server Within the Internet email system, a message transfer agent (MTA), or mail transfer agent, or mail relay is software that transfers electronic mail messages from one computer to another using SMTP. The terms mail server, mail exchanger, and MX host ...

s. SMTP proxies often implement the first and/or only layer of defence in an inbound anti-spam filtering system, where they can analyze messages using a spam content filter or

antivirus program Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. ...

, block or rate limit connections using DNS blacklists and

reputation system Reputation systems are programs or algorithms that allow users to rate each other in online communities in order to build trust through reputation. Some common uses of these systems can be found on E-commerce websites such as eBay, Amazon.com, and ...

s, and load-balance SMTP connections to prevent overloading of mail servers.

Advantages of SMTP proxying

Because SMTP proxies do not store messages like a

(MTA) does, they can reject SMTP connections or message content in

real-time Real-time or real time describes various operations in computing or other processes that must guarantee response times within a specified time (deadline), usually a relatively short time. A real-time process is generally one that happens in defined ...

, doing away with the need for

out-of-band Out-of-band activity is activity outside a defined telecommunications frequency band, or, metaphorically, outside of any primary communication channel. Protection from falsing is among its purposes. Examples General usage * Out-of-band agreement ...

non-delivery reports (NDRs), which are the cause of backscatter email, a serious problem in the Internet email system. Certain SMTP proxies implement

TCP connection TCP may refer to: Science and technology * Transformer coupled plasma * Tool Center Point, see Robot end effector Computing * Transmission Control Protocol, a fundamental Internet standard * Telephony control protocol, a Bluetooth communication s ...

management (otherwise known as flow control), which can help to reduce damage to downstream mail servers resulting from spikes in TCP traffic from malicious SMTP clients.

management in the context of SMTP typically involves

bandwidth throttling Bandwidth throttling consists in the intentional limitation of the communication speed (bytes or kilobytes per second) of the ingoing (received) data and/or in the limitation of the speed of outgoing (sent) data in a network node or in a network ...

and/or introducing delays in SMTP command responses (this is also known as tarpitting). When slowed down, certain malicious sources of SMTP traffic such as

spambot A spambot is a computer program designed to assist in the sending of spam. Spambots usually create accounts and send spam messages with them. Web hosts and website operators have responded by banning spammers, leading to an ongoing struggle betwe ...

s tend to give up rather than continuing to deliver a full

email message Electronic mail (email or e-mail) is a method of exchanging messages ("mail") between people using electronic devices. Email was thus conceived as the electronics, electronic (digital media, digital) version of, or counterpart to, mail, ...

.Article discussing an implementation of SMTP tar-pitting
Fetched from the Web Hosting Industry Review web site on May 7, 2012. Network tarpitting can be challenging to implement within an

email server Within the Internet email system, a message transfer agent (MTA), or mail transfer agent, or mail relay is software that transfers electronic mail messages from one computer to another using SMTP. The terms mail server, mail exchanger, and MX host ...

, since each SMTP connection is processed more slowly than normal, often holding up precious system resources such as memory and CPU. Because SMTP proxies can be implemented using lighter-weight programming techniques such as

asynchronous I/O In computer science, asynchronous I/O (also non-sequential I/O) is a form of input/output processing that permits other processing to continue before the transmission has finished. A name used for asynchronous I/O in the Windows API is overlappe ...

(for example

nginx Nginx (pronounced "engine x" ) is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Igor Sysoev and publicly released in 2004. Nginx is free and open-source software ...

Node.js Node.js is an open-source server environment. Node.js is cross-platform and runs on Windows, Linux, Unix, and macOS. Node.js is a back-end JavaScript runtime environment. Node.js runs on the V8 JavaScript Engine and executes JavaScript code o ...

Netty Netty may refer to: * Netty (software), a Java project * North East England ( Geordie) dialect for toilet or public convenience *Netty (name) See also * Westoe Netty *Nethy (disambiguation) * Natty (disambiguation) *Netta (disambiguation) *Nett ...

and

libevent libevent is a software library that provides asynchronous event notification. The libevent API provides a mechanism to execute a callback function when a specific event occurs on a file descriptor or after a timeout has been reached. libevent als ...

), thousands of connections can be juggled using the same resources as a much smaller number of connections in the context of a full-blown

store-and-forward Store and forward is a telecommunications technique in which information is sent to an intermediate station where it is kept and sent at a later time to the final destination or to another intermediate station. The intermediate station, or node in ...

Outbound SMTP proxying

SMTP proxies are sometimes inserted between sending

s on a local network, and their receiving counterparts on the Internet. SMTP proxies are often used in this context in order to filter outgoing

spam Spam may refer to: * Spam (food), a canned pork meat product * Spamming, unsolicited or undesired electronic messages ** Email spam, unsolicited, undesired, or illegal email messages ** Messaging spam, spam targeting users of instant messaging ( ...

; however, other applications such as

DomainKeys Identified Mail DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in email (email spoofing), a technique often used in phishing and email spam. DKIM allows the receiver to check that an email claimed ...

(DKIM) signing also existSetting up the outbound proxy with Postfix
Fetched on May 7, 2012.

Types of SMTP proxies

SMTP proxies come in a few fundamental flavors: *

Synchronous Synchronization is the coordination of events to operate a system in unison. For example, the conductor of an orchestra keeps the orchestra synchronized or ''in time''. Systems that operate with all parts in synchrony are said to be synchronou ...

- each SMTP client connection causes the proxy to establish a single connection with a downstream mail server. See the open-sourc
smtp-gated
project for an example of a synchronous SMTP proxy. *

Multiplexing In telecommunications and computer networking, multiplexing (sometimes contracted to muxing) is a method by which multiple analog or digital signals are combined into one signal over a shared medium. The aim is to share a scarce resource - a ...

- the proxy establishes downstream connections to the mail server only as needed, and by intelligently juggling a pool of SMTP connections; this juggling protects the downstream mail server from excessive connection concurrency.Developing High Performance Asynchronous IO Applications
Fetched May 7, 2012. * Transparent - the proxy is inserted into the network between clients and servers, masquerading itself in such a way that the client and server believe they are talking directly to each other, even though there is a proxy in the middle. The commercial "MailChannels Outbound" product from MailChannels implements a transparent proxy.MailChannels Outbound Product Information
/ref>

Policy-based routing In computer networking, policy-based routing (PBR) is a technique used to make routing decisions based on policies set by the network administrator. When a router receives a packet it normally decides where to forward it based on the destination ...

may be used to route SMTP traffic through a transparent SMTP proxy.

References

{{Reflist Anti-spam Spam filtering