Chapter 3. Open Relays
Initially, the Internet was used by a very trusting community. Sites were open, with information freely available and shared. Passwords and user accounts were shared and even publicized. Email servers accepted emails from any source and sent them towards their destination. Nowadays, the ethos of the Internet has changed. Information is no longer shared as freely, and user accounts and passwords are guarded. It is rare to find a server that will take email from an unknown user and forward it on. This is a direct consequence of spam and the cost and risks associated with it.
Spam has become such a problem that ISPs terminate the accounts of spammers when they are reported. Consequently, spammers search for open relays, which are email servers that allow unknown or unauthenticated users to send emails. Once discovered, spammers use these mail servers to send spam emails. This approach prevents spam from being traced to its true source.
Running an open relay has serious implications for a system administrator. The server may become listed on one or more Open Relay Blacklists (ORBLs). Once a server is listed on an ORBL, other systems may reject email from it as spam. In addition, the Internet connection may be suspended or terminated by the supplier if the open relay is not closed as soon as possible after notification.
Fortunately, all the popular Mail Transfer Agents (MTAs) can easily be configured to prevent them from being used as an open relay. The MTAs discussed in this book (Sendmail, Postfix, Exim, and qmail) refuse to act as an open relay by default when installed afresh. If an older version of these MTAs is installed, the default configuration may not be secure. If the configuration of an MTA has been altered, an open relay may have been inadvertently created.
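As an added illustration (not code from the book), the following sketch lints a Postfix `main.cf` for the two alterations that most often create an open relay by accident: a `mynetworks` entry that trusts every address, and a `permit` placed ahead of `reject_unauth_destination`. It assumes that an unset `smtpd_relay_restrictions` ends in `defer_unauth_destination`; the sample configuration is constructed, and access tables and `mynetworks_style` are not evaluated.

```python
import ipaddress

# Rules that stop an unauthenticated outside client from relaying to a remote domain.
GUARDS = {"reject_unauth_destination", "defer_unauth_destination", "reject", "defer"}

def parse_main_cf(text):
    """Parse main.cf text into {parameter: value}, joining continuation lines."""
    params, key = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and key:      # indented line continues the previous value
            params[key] += " " + raw.strip()
        elif "=" in raw:
            key, _, value = raw.partition("=")
            key = key.strip()
            params[key] = value.strip()
    return params

def trusts_everyone(mynetworks):
    """True if a literal network in mynetworks has prefix length 0."""
    for tok in mynetworks.replace(",", " ").split():
        try:
            net = ipaddress.ip_network(tok.strip("[]").replace("]/", "/"), strict=False)
        except ValueError:
            continue                      # table lookups and !exclusions are not evaluated
        if net.prefixlen == 0:
            return True
    return False

def list_permits_stranger(rules, trust_all):
    """Walk one restriction list as an outside, unauthenticated client."""
    for rule in rules.replace(",", " ").split():
        if rule in GUARDS:
            return False
        if rule == "permit" or (rule == "permit_mynetworks" and trust_all):
            return True
    return True                           # falling off the end is an implicit permit

def is_open_relay(text):
    """Mail is relayed only if both restriction lists let the stranger through."""
    p = parse_main_cf(text)
    trust_all = trusts_everyone(p.get("mynetworks", ""))
    # Assumption: when unset, the relay list ends in defer_unauth_destination.
    relay = p.get("smtpd_relay_restrictions",
                  "permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination")
    rcpt = p.get("smtpd_recipient_restrictions", "")
    return list_permits_stranger(relay, trust_all) and list_permits_stranger(rcpt, trust_all)

# Constructed sample: a relay list altered so that "permit" precedes the guard.
ALTERED = ("mynetworks = 127.0.0.0/8 [::1]/128\nsmtpd_relay_restrictions = "
           "permit_mynetworks,\n  permit,\n  reject_unauth_destination\n")
if __name__ == "__main__":
    print(is_open_relay(ALTERED))
```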