• Contact Us
  • Pricing
  • Search
  • Register
  • Login
  • DNS Tools
    • MX Records
    • A Records
    • CNAME Record
    • PTR Record
    • SPF/TXT Records
    • NS Records
  • Domain Tools
    • ARIN Records
    • WHOIS Records
  • Blacklists
    • Blacklist Checker
    • Whitelist Checker
    • Email Blacklist Removal Tool
  • Email Tools
  • Port Scans
  • Other Tools
    • IP Tools
      • IP Address Converter
      • IP Address Locator
      • IP Range To CIDR
    • Chrome Extension - Email Deliverability Checker
  • Blog
    • First Time Sender
      • Email Certification
      • Email Throttling
      • IP Warming
    • Formatting Emails
      • For Browsers
      • For Devices
      • For Email Clients
    • How To Avoid
    • How To Set Up
    • Mail Tester Guide
      • Email Headers Explained
      • MX Records, PTR Records, and Reverse PTR Records AKA rDNS
      • RFC Syntax Checking
      • Email Port Checks
      • SPF Record and Alignment
      • DKIM Signatures and Alignment
      • DMARC Checker
      • Mail Tester Test Tool
    • Measuring Peformance
      • Bounces
      • Clickthrough Rates
      • Open Rates
    • Related Resources
      • Abuse Contacts
      • Common Ports
      • DMARC and the Contact Us Form
      • Email Identifier
      • Email Headers
      • Email Statistics
      • How Email Works
      • How to Treat Spammers
      • Securing Your Server
    • Rules to Follow
      • Can Spam Act
      • Postmaster Guidelines
  • Member Services
    • Members Area
    • Blacklist Monitoring
    • Complete Monitoring Solution
    • Domain Name Monitoring
    • Feedback Loop Submissions
    • Full Port Scan Monitoring
    • Mail Tester Pro Tool
    • Mail Miner
    • Spam Detector Toolbox
    • Trusted Sender Site Seal

Securing Your Server: Shut the Door on Spam

Your organization probably handles lots of Internet traffic every day — both to and from your clients and customers. The settings of your network servers may open your system to misuse.

If your mail server maintains an open door to the Internet, known as an "open relay," someone could access it and pass unsolicited commercial email (spam) through it. And if your proxy server is "open," a spammer could use it to connect to your mail server and send bulk email anonymously. Not only can these abuses overload your server, they also could damage your organization's reputation. That's because it will appear that your system sent the spam.

Now an international group of government agencies says a few quick, easy, and no- or low-cost steps can protect your computer systems from misuse.

How Email Works

To send or receive email, your computer must be connected to a mail server, a machine connected to the Internet that runs software allowing it to process email. When you send an email message from a secure server, software in one part of the mail server checks that you're listed as a user within your organization. If you are, it sends out your mail. When someone sends you an email, software in another part of the server confirms that you're an authorized user and then accepts and delivers the email to you.

But if the server is not secure, and some of its settings allow it to stay "open," it will forward email to addressees who are not listed as users in your organization. Often called open relays, insecure relays, or third-party relays, these open mail servers are configured to accept and deliver email on behalf of any user anywhere, including third parties with no relation to you or your organization. You don't benefit from allowing this email to slip through your server; no one in your organization is receiving it or sending it.

Open relays are a vestige of the early days of the Internet, when many mail servers were kept open to allow email to travel among different networks. Although they helped the Internet grow, they were abused by spammers, who have used them to disguise the origin of their messages.

The Current Problem — Open Proxies

Today, spammers are more likely to use an open proxy server to send their spam. A proxy is usually installed to be the only machine on your network that directly interacts with the Web, providing more efficient Web browsing for your users. But if your proxy is not configured properly — that is, if your server is open — it also may allow unauthorized Internet users to connect through it to other hosts on the Internet. For example, a spammer can use your open proxy to connect anonymously to another mail server. Then, any mail that the spammer sends appears to have come from your system. In addition, an improperly configured proxy server can allow other types of unauthorized — and potentially damaging — network connections, including instant messaging, computer attacks, or file transfers.

Consequences for Your Business

When spam appears to come from your system, your server can be flooded with complaints from frustrated recipients. That could overwhelm your system and cause your server to crash. Repairing it could be time-consuming and costly, both in financial terms and the potential loss of goodwill from those who think you've sent the spam. The bottom line: An open proxy or open relay is an open door to the theft of your computer services and the impression that you're sending unwanted junk email.

Securing Your Servers

To prevent these abuses, and the negative consequences for your business, check — and if necessary, secure — your servers. It usually takes just a couple of commands. To find out whether you have an open relay on your system, evaluate the mail transfer agent software (MTA) your company uses to manage its email.

To determine if your proxy server is vulnerable, consider these questions.

  • Does your proxy allow connections from untrusted networks such as the Internet?
  • Are you using the most current version of your proxy server software and hardware?
  • Have you applied the latest patches or upgrades available?
  • Are you using proper access controls for your server?
  • Is someone regularly checking for unauthorized uses of your proxy server?
  • Do you have and monitor an "abuse@[YourDomainName]" email account where people can report abuses of your proxy server?

For More Information

For up-to-date links to information on securing your server, visit FTC's Secure Your Server Resource. You also can find resources through your favorite Internet search engine by entering a phrase like "open relay" or "open proxy." Keep in mind that there's no "one-size-fits-all" way to secure your server. The solution is specific to the software and hardware that you use.

The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues, visit ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters consumer complaints into the Consumer Sentinel Network, a secure online database and investigative tool used by hundreds of civil and criminal law enforcement agencies in the U.S. and abroad. 

Source: Federal Trade Commission January 2004

Copyright © 2020 Unlock The Inbox
Privacy Policy and Terms and Conditions