An optimally configured SMTP relay (also called “smart host”) is a server that only forwards e-mails from senders to third parties if it’s responsible for both parties. They then always require authentication before using their e-mail service. It is for this reason, that all mail servers these days use ESMTP in conjunction with ASMTP. Spammers not only cost businesses money by generating high traffic at the expense of their hardware speed, they can also tarnish a business’s reputation and consume a lot of unnecessary time. This means that even legitimate e-mails end up in the recipient’s spam filter, so that the operator of a mail server must first take care of closing the security hole and then try to delete them from the list to operate normally again. Now, open mail relays instrumentalized for spam are usually identified as such after just a few hours or days and then end up on so-called blacklists. Additionally, more and more spammer botnets from “zombified” home computers are used as relays. If an application lets spam mail through, it is forwarded to the server via a local SMTP connection with the IP address of the respective application, which then treats it as trustworthy. However, according to Spamhaus, the problem often lies with poorly configured or cracked firewalls and external security applications – not necessarily with the server configuration itself, as is often the case with small, regional businesses. Sometimes these are the result of frivolous and inexperienced administrators. By 2005/2006, the number of open mail relays had shrunk from several hundred thousand to a negligible fraction.Īlthough the situation is no longer as critical as it was then, according to the non-profit organization Spamhaus, spammers are still finding 10 to 20 new open servers in the network per day. Various countermeasures have been deployed to solve the problem of open mail relays – first SMTP-After-POP and then ESMTP and ASMTP in 1995. Furthermore, the constant change of fake addresses made it possible to avoid spam filters. By using external hardware, the spammers also saved their own resources and so could not be traced back. Since the servers did not have additional authentication mechanisms at the time, they accepted the spam mails without difficulty and fed them into the network. The term given to this practice is “mail spoofing”. Morally questionable advertisers and malicious criminals (above all, the notorious “spam king” Sanford Wallace with his Cyberpromo firm) used the open servers with stolen or invented e-mail addresses to distribute spam. However, the widespread use of such unprotected relays led to the proliferation of spam. What seems absurd in today’s environment was originally founded in good reason: system errors and server failures were more frequent, so open mail relays could maintain regular traffic even in emergency situations. mail servers that forward all e-mails regardless of the sender or recipient address. For this reason, open mail relays were the norm until about 1997, i.e. The need for this procedure is due to the inherent features of the original 1982 SMTP, which did not provide user authentication by default. SMTP AUTH prevents an SMTP server from being misused as an open mail relay and distributes spam within a network.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |