Blocking Open Relays
An increasing number of spammers are exploiting open e-mail relays to
send spam and disguise the true source of their messages. Open relays
are e-mail servers that are configured to accept and transfer e-mail on
behalf of any user anywhere, including unrelated third parties. If your
computer acts as an open relay, it allows any e-mail sender anywhere to
send messages through it.
How spammers detect open relays
Spammers use automated software to scan the Internet for open relays.
If they find that your server is open, they will probably send spam
through it. The software scans a range of Internet IP addresses by trying
to establish a network connection on port 25. If the connection succeeds,
the IP address is added to a list and used for sending.
There are at least two advantages for the spammers:
- This technique lets spammers hide their identities because it appears that the spam actually comes from you. This makes it extremely hard to track them down.
- It is virtually impossible for them to get caught by their ISP. All ISPs prohibit sending spam from their networks. If the spammers cannot be tracked down, they cannot be reported to their ISP, which would otherwise close their account for violating the Acceptable Use Policy.
Recipients of the spam sent from your computer could flood your server
with complaints. The spam and resulting e-mail traffic could overwhelm
your system. If you are maintaining an open relay, you are leaving your
door open to the theft of your computer services.
How ISPs reject messages from open relays
When you send messages from an SMTP server running on your computer,
some ISPs perform a relay check. They identify your computer's IP address
and try to establish a connection to port number 25, which is the port
used to send e-mail. If the server on your computer accepts the connection,
your message is rejected.
Detection
PostCast Server has a feature that allows you to check if your computer
runs as an open relay. Open the Setup Wizard from the Tools menu and press
the "Open Relay" button in the Network Diagnostics step.
Solutions
Accept only connections from local computer or LAN
When you enter your Internet IP address in the Host Name text box in the
Settings screen, everyone can connect to the server from the Internet.
You can run the server using the Internet IP address, but you need to
either change the port number or allow access only to certain IP addresses.
If you do not need to accept connections from the Internet, select the
LAN IP address or 127.0.0.1 in the Host Name drop down list in the
Settings screen.
Change the port number
Change the number of the port from 25 to some random number (1-65535).
Instruct the users to change the settings in their e-mail programs. This
will trick the IP scanner software because your port 25 will be closed
and your computer will not respond to their queries. Make sure that no
other SMTP server software is running on your system, including the
"Simple Mail Transfer Protocol (SMTP)" service if you are running
Windows NT, 2000, XP, or 2003.
Restrict access to a list of IP addresses
The basic way to implement e-mail relay protection is to configure your
e-mail server to allow only certain TCP/IP addresses and address ranges
to relay through your server. With this technique, your e-mail server
will reject any relay attempt from TCP/IP addresses outside of your network.
If, for example, computers on your network have IP addresses that begin
with 192.168.0, go to Tools>Settings>Security and enter that as
a value in the "Allow access ONLY for users with these IP addresses"
list.
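
The allow-list decision described above, as an added example that is not PostCast Server code: it treats an entry such as 192.168.0 as a whole-octet network (192.168.0.0/24) rather than a text prefix, and contrasts that with plain string matching. The function names, the sample list and the peer addresses are assumptions made for illustration; how PostCast Server itself matches entries is not stated on this page.

```python
import ipaddress

ALLOW = ["192.168.0", "127.0.0.1"]  # constructed sample allow list


def prefix_to_network(entry):
    """Convert an allow-list entry to a network object.

    Accepts CIDR ("10.0.0.0/8"), a full address ("127.0.0.1") or a
    whole-octet prefix as in the text above ("192.168.0" -> 192.168.0.0/24).
    """
    entry = entry.strip().rstrip(".")
    if "/" in entry:
        return ipaddress.ip_network(entry)  # raises if host bits are set
    octets = entry.split(".")
    if not 1 <= len(octets) <= 4:
        raise ValueError(f"bad allow-list entry: {entry!r}")
    padded = octets + ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(padded)}/{8 * len(octets)}")


def may_relay(client_ip, allow_list):
    """Return True only if the connecting address is inside an allowed network."""
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False  # unparsable peer address: refuse to relay
    # On a dual-stack socket an IPv4 client shows up as ::ffff:a.b.c.d
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    networks = [prefix_to_network(e) for e in allow_list]
    return any(addr.version == n.version and addr in n for n in networks)


def naive_prefix_match(client_ip, prefix):
    """Plain string comparison, included only to show why it is unsafe."""
    return client_ip.startswith(prefix)


if __name__ == "__main__":
    # Constructed peer addresses; 203.0.113.50 is from a documentation range.
    for peer in ("192.168.0.14", "127.0.0.1", "192.168.1.9", "203.0.113.50"):
        print(peer, "relay" if may_relay(peer, ALLOW) else "reject")
    # "192.168.1" as a string also matches 192.168.10.x and 192.168.100.x
    print(naive_prefix_match("192.168.10.5", "192.168.1"),  # True (wrong)
          may_relay("192.168.10.5", ["192.168.1"]))         # False
```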