| If you have an open mail relay, your computer will
accept e-mail from anywhere and relay it to anywhere, allowing unscrupulous people to mail huge quantities of junk e-mail (SPAM). One consequence of this is that your machine AND your ISP's central mail servers will be black-listed and prevented from delivering mail to the outside world. The problem is with your mail transfer agent, which is, in many cases sendmail or Microsoft Exchange. Sendmail or Exchange may be configured incorrectly, or it may be old and "congenitally defective." Indeed, vulnerable versions of Sendmail are installed by default as part of some versions of UNIX, and they should be upgraded before systems are put on the network. However, all types of mail systems can run open mail relays, if they are not configured properly. If you wish to confirm the state of your mail server(s) for yourself, you may find the following link useful. http://www.abuse.net/relay.html If your mail server does not pass all 17 of the tests on the site, it may be an open relay. Below are several links to sites that can help explain the problems with open mail relays and how to correct them (or "lock down" your server). http://www.uwsg.iu.edu/security/mail-relay.html http://www.mycert.mimos.my/mailabuse/antirelay.html http://info.connect.com.au/docs/exchange/relay.html http://mail-abuse.org/tsi/ar-fix.html http://support.microsoft.com/default.aspx?scid=kb;EN-US;q310356 http://support.microsoft.com/default.aspx?scid=kb;EN-US;q310380
|