spam banner title pic
spam main navigation

Open Relay

Where to start:

One of the best places to start looking for info on open relays is ORBB.org, the open relay database. They also have a service where you can test a server for open relays: http://www.ordb.org/submit/

Direct from the government, the FTC 's info page called: Open Relays — Close the Door on Spam

From http://www.mail-abuse.org/tsi/ : Anti-Relay: Stop Third-Party Mail Relay: 

Do you manage an Internet mail server? Is your server secure? Or is it vulnerable to third-party relay? If so, then it's only a matter of time before spammers hijack your mail server. The threat is real, and the problem is happening now. Most modern mailers have the capability to fight these intruders. Act now to secure your mail server.

 


An open relay (sometimes called an insecure relay or a third-party relay) is an SMTP e-mail server that allows third-party relay of e-mail messages. By processing mail that is neither for nor from a local user, an open relay makes it possible for an unscrupulous sender to route large volumes of spam. In effect, the owner of the server -- who is typically unaware of the problem -- donates network and computer resources to the sender's purpose. In addition to the financial costs incurred when a spammer hijacks a server, an organization may also suffer system crashes, equipment damage, and loss of business.

In the past, open relays were used intentionally to facilitate mail relay between the separate closed e-mail systems (such as UUCP or FidoNet) served by the Internet. However, the Internet has expanded enormously since then, and the potential for abuse has expanded accordingly. Open relays are sometimes used legitimately: they are frequently used to support mobile users connecting to a corporate network through an ISP or to support multiple domains within an organization, and are sometimes used for debugging connectivity or to circumvent a known routing problem. However, other mechanisms can be used to route an authorized user around a closed relay.

The Mail Abuse Prevention System (MAPS) is one of several organizations that seeks to control the problem of open relays, though educating the public about the danger, and through publishing a blacklist of organizations whose mail hosts allow third-party relays (a similar organization, ORBS, is now defunct). The relay feature is a part of all SMTP-based servers, which means that most modern e-mail servers, if unprotected, are vulnerable. According to MAPS, because spammers use automated tools to search the Internet for vulnerable servers, an open relay will eventually be found and used. To avoid allowing spammers free access to their resources -- and to help stem the Internet's flow of spam -- MAPS urges administrators to turn off the relay option on their servers.

Read More About it At:
Tech Target info Last updated on: Nov 03, 2003