Yep, the Ipswitch implementation of tarpitting does turn out to be nearly as unconfigurable as Dan said. According to the release notes, it can only be enabled and controlled via EDITING THE REGISTRY(!), and even then very little tweaking is possible.
\Uh-oh, better fasten seat belt, rant on\ Edit the registry? Edit the freaking registry?!?! Jeezus, it's the year 2005, people!!! What is Ipswitch thinking? Why bother having any administrative interface at all? After two years of requests for this feature, how hard was it to add a single "enable" check box?!?!? And what if we need to release an accidentally tarpitted address on the fly, or customize trigger points and durations to the realities of our traffic, and not Ipswitch's? Sorry, looks like we're SOL. It again highlights the systemic problem with Imail I reluctantly stated two weeks ago: "My biggest complaint about Imail was not the features--it was the half-baked implementation of most of them. It was maddening--enough functionality to be ticked on a feature list, but often inflexible, untweakable and sometimes pathetically unusable." Look, I'm glad that Ipswitch FINALLY has basic tarpitting available--but realize that competing servers now give their customers interfaces like this (attached jpg) to allow adjustments for their network conditions. It also has a separate bypass list (bypass tarpit trigger by domain, IP, or email address). Ipswitch is not going to win old customers back, keep exisiting ones, or gain many new with clueless, half-hearted functionality like this. And what manager actually signed-off that controlling a major feature via regedit was "good enough" in 2005?!? That person cares nothing of quality and should be fired. Clear the cobwebs man, and turn the programmers loose on doing it right!!! I don't want to rain on Ipswitch's new release parade tonight--but I hope the other important new additions in 8.2 have a lot more flexibility and fine-tuning capability than this tarpitting implementation. Unbelievable...requiring registry editing for basic settings in 2005...SHEESH! \unfasten seat belt, remove Nomex, rant off\ :-) Dev Wednesday, April 27, 2005, 1:40:07 PM, you wrote: DH> The thing I was interested in was the DH> Dictionary attack feature that breaks a connection DH> after so many ERRs in a single connection. I guess DH> that isn't configurable, because there's no place DH> in the GUI to set it. Not that I need it, but it DH> is really the thing that Imail needs most IMO, a DH> defense against the dictionary attacks that forced DH> me and many others to put up an IMgate box or use DH> BlackIce or some other method of mitigating the DH> extreme loads that Imail was experiencing when it DH> was dealing with the dictionary attacks on its own.
<<attachment: tarpit1.jpg>>
