Open Mail Relays

An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers.


History and technology

Until the 1990s, mail servers were commonly intentionally configured as open relays; in fact, this was frequently the installation default setting. The traditional store and forward method of relaying e-mail to its destination required that it was passed from computer to computer (through and beyond the Internet) via modems on telephone lines. For many early networks, such as UUCPNET, FidoNet and BITNET, lists of machines that were open relays were a core part of those networks. Filtering and speed of e-mail delivery were not priorities at that time and in any case the government and educational servers that were initially on the Internet were covered by a federal edict forbidding the transfer of commercial messages.


Abuse by spammers

In the mid-1990s, with the rise of spamming, spammers resorted to re-routing their e-mail through third party e-mail servers to avoid detection and to exploit the additional resources of these open relay servers. Spammers would send one e-mail to the open relay and (effectively) include a large blind carbon copy list, then the open relay would relay that spam to the entire list. While this greatly reduced the bandwidth requirements for spammers at a time when Internet connections were limited, it forced each spam to be an exact copy and thus easier to detect. After abuse by spammers became widespread, operating an open relay came to be frowned upon among the majority of Internet server administrators and other prominent users. Open relays are recommended against in RFC 2505 and RFC 5321 (which defines SMTP).

The exact copy nature of spam using open relays made it easy to create bulk e-mail detection systems such as Vipul's Razor and the Distributed Checksum Clearinghouse. To counter this, spammers were forced to switch to using hash busters to make them less effective and the advantage of using open relays was removed since every copy of spam was "unique" and had to be sent individually.

Since open mail relays make no effort to authenticate the sender of an e-mail, open mail relays are vulnerable to address spoofing.


Anti-spam efforts

Many Internet service providers use Domain Name System-based Blackhole Lists (DNSBL) to disallow mail from open relays. Once a mail server that allows third parties to send mail through it is detected or reported, it will be added to one or more such lists, and other e-mail servers using those lists will reject any mail coming from that site. The relay need not actually be used for sending spam to be blacklisted; instead, it may be blacklisted after a simple test that just confirms open access. This trend reduced the percentage of mail senders that were open relays from over 90% down to well under 1% over several years. This led spammers to adopt other techniques, such as the use of botnets of zombie computers to send spam.

One consequence of the new unacceptability of open relays was an inconvenience for some end users and certain Internet service providers. To allow customers to use their e-mail addresses at Internet locations other than the company's systems (such as at school or work), many mail sites explicitly allowed open relaying so that customers could send e-mail via the ISP from any location. Once open relay became unacceptable because of abuse (and unusable because of blocking of open relays), ISPs and other sites had to adopt new protocols to allow remote users to send mail. These include smart hosts, SMTP-AUTH, POP before SMTP, and the use of virtual private networks (VPNs). The Internet Engineering Task Force (IETF) has written a best current practice covering Email Submission Operations in RFC 5068.

Note that the above only becomes an issue if the user wishes to (or has to) continue to send e-mail remotely, using the same SMTP server which they were previously accessing locally. If they have valid access to some other SMTP server from their new, remote location, then they will typically be able to use that new server to send e-mails as if from their old address, even when this server is properly secured. (Although this may involve some reconfiguration of the user's email client which may not be entirely straightforward.)

The CAN-SPAM Act of 2003 makes it illegal to send spam through an open relay in the United States, but makes no provision on their use for personal e-mail or their operation in general; the effectiveness of the act has been questioned.


Modern-day proponents

The most famous open mail relay operating today is probably that of John Gilmore, who argues that running an open relay is a freedom of speech issue. His server is included on many open relay blacklists (many of which are generated by "automatic detection", that is, by anti-spam blacklisters sending an (unsolicited) test e-mail to other servers to see if they will be relayed). These measures cause much of his outgoing e-mail to be blocked. Along with his further deliberate configuration of the server, his open relay enables people to send e-mail without their IP address being directly visible to the recipient and thereby send e-mail anonymously. In 2002, his open relay, along with 24 others, was used by a computer worm to propagate itself.

John Gilmore and other open relay proponents declare that they do not support spam and spamming, but see a bigger threat in attempts to limit Web capabilities that may block the evolution of new, next-generation technologies. They compare the network communication restrictions with restrictions that some phone companies tried to place on their lines in the past, preventing the transfer of computer data rather than speech.


Closing relays

In order not to be considered "open", an e-mail relay should be secure and configured to accept and forward only the following messages (details will vary from system to system; in particular, further restrictions may well apply):

* Messages from local IP addresses to local mailboxes
* Messages from local IP addresses to non-local mailboxes
* Messages from non-local IP addresses to local mailboxes
* Messages from clients that are authenticated and authorized

In particular, a properly secured SMTP mail relay should not accept and forward arbitrary e-mails from non-local IP addresses to non-local mailboxes by an unauthenticated or unauthorized user.

In general, any other rules an administrator chooses to enforce (for instance, based on what an e-mail gives as its own envelope from address) must be in addition to, rather than instead of, the above. If not, the relay is still effectively open (for instance, by the above rules): it is easy to forge e-mail header and envelope information, whereas it is considerably harder to successfully forge an IP address in a TCP/IP transaction because of the three-way handshake that occurs as a connection is started.

Open relays have also resulted from security flaws in software, rather than misconfiguration by system administrators. In these cases, security patches need to be applied to close the relay.

Internet initiatives to close open relays have ultimately missed their intended purpose, because spammers have created distributed botnets of zombie computers that contain malware with mail relaying capability. The number of clients under spammers' control is now so great that previous anti-spam countermeasures that focused on closing open relays are no longer effective.
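
The acceptance rules above can be written as a relay decision made for each recipient. The sketch below is an added example, not code from any mail server: it contrasts the baseline policy with a policy that uses an envelope-sender rule instead of it. The networks, domains, addresses and function names are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values: documentation address ranges and example domains.
LOCAL_NETWORKS = [ipaddress.ip_network("192.0.2.0/24"),
                  ipaddress.ip_network("2001:db8:1::/48")]
LOCAL_DOMAINS = {"example.org"}


@dataclass(frozen=True)
class Transaction:
    client_ip: str               # peer address of the TCP connection
    mail_from: str               # envelope sender: client-supplied, forgeable
    rcpt_to: str                 # envelope recipient
    authenticated: bool = False  # client proved its identity
    authorized: bool = False     # that identity is allowed to relay


def is_local_ip(client_ip):
    ip = ipaddress.ip_address(client_ip)
    # Membership is False when address and network versions differ.
    return any(ip in net for net in LOCAL_NETWORKS)


def is_local_mailbox(address):
    domain = address.rpartition("@")[2].lower().rstrip(".")
    return domain in LOCAL_DOMAINS


def accept_rcpt(tx):
    """Baseline policy: the four acceptable cases, everything else denied."""
    if is_local_mailbox(tx.rcpt_to):
        return True, "local mailbox (any client IP)"
    if is_local_ip(tx.client_ip):
        return True, "local IP to non-local mailbox"
    if tx.authenticated and tx.authorized:
        return True, "authenticated and authorized client"
    return False, "relay denied"


def accept_rcpt_sender_rule_only(tx):
    """Flawed policy: an envelope-sender rule used instead of the baseline."""
    if is_local_mailbox(tx.rcpt_to) or is_local_mailbox(tx.mail_from):
        return True, "sender or recipient claims a local domain"
    return False, "relay denied"


def is_effectively_open(policy):
    """Probe: non-local IP, non-local recipient, no auth, forged local sender."""
    probe = Transaction(client_ip="203.0.113.9", mail_from="staff@example.org",
                        rcpt_to="someone@example.net")
    return policy(probe)[0]


if __name__ == "__main__":
    for policy in (accept_rcpt, accept_rcpt_sender_rule_only):
        print(policy.__name__, "open relay:", is_effectively_open(policy))
```

The probe forges only the envelope sender, which is why the sender-based policy accepts it while the baseline, keyed on the connection's IP address and authentication state, does not.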


See also

* Relay (disambiguation)
* Email spoofing
* Email spam
* Phishing
* DMARC
* DKIM
* Sender Policy Framework

