Untitled Document

Date: Mon, 25 Mar 2002 17:03:01 -0600
From: "Nestor, Aaron" <Aaron.Nestor@savvis.net>
To: 'Dean Anderson' <dean@av8.com>
Subject: RE: Open relay background

Dean,

I am still waiting on on feedback from Jay Edmondson (head of SAVVIS NOC),
but in the meantime am doing some research. It appears Open Relay is a
major problem that has caused many ISPs to be black listed. I understand
that by alerting SAVVIS of it's misuse you are a responsible manager of your
relay. Who knows Dean, there is nothing I want to do more then to keep your
situation up and going, but I'm in a tough spot. Is there anything you can
do that may be a compromise?

-Aaron

An open relay (sometimes called an insecure relay or a third-party relay) is
an SMTP e-mail server that allows third-party relay of e-mail messages. By
processing mail that is neither for nor from a local user, an open relay
makes it possible for an unscrupulous sender to route large volumes of spam.
In effect, the owner of the server -- who is typically unaware of the
problem -- donates network and computer resources to the sender's purpose.
In addition to the financial costs incurred when a spammer hijacks a server,
an organization may also suffer system crashes, equipment damage, and loss
of business.
In the past, open relays were used intentionally to facilitate mail relay
between the separate closed e-mail systems (such as UUCP or FidoNet) served
by the Internet. However, the Internet has expanded enormously since then,
and the potential for abuse has expanded accordingly. Open relays are
sometimes used legitimately: they are frequently used to support mobile
users connecting to a corporate network through an ISP or to support
multiple domains within an organization, and are sometimes used for
debugging connectivity or to circumvent a known routing problem. However,
other mechanisms can be used to route an authorized user around a closed
relay.

The Mail Abuse Prevention System (MAPS) is one of several organizations that
seeks to control the problem of open relays, though educating the public
about the danger, and through publishing a blacklist of organizations whose
mail hosts allow third-party relays (a similar organization, ORBS, is now
defunct). The relay feature is a part of all SMTP-based servers, which means
that most modern e-mail servers, if unprotected, are vulnerable. According
to MAPS, because spammers use automated tools to search the Internet for
vulnerable servers, an open relay will eventually be found and used. To
avoid allowing spammers free access to their resources -- and to help stem
the Internet's flow of spam -- MAPS urges administrators to turn off the
relay option on their servers.

-----Original Message-----
From: Dean Anderson [mailto:dean@av8.com]
Sent: Monday, March 25, 2002 5:13 PM
To: eric.burke@savvis.net; aaron.nestor@savvis.net
Subject: Open relay background

[...]