When an SMTP server receives an email message that is not for one of its local domains, the default behaviour is to look up the "mail exchanger" address for the destination domain and forward the message there. Most SMTP servers belong to some organization, and use this function to handle outbound email for all of the clients in the organization. If the server applies no checks to make sure that the messages it forwards actually originate within the organization, it is an "open relay" that will forward messages for anyone in the world. (If it also does not properly build the Received: header, including the actual source IP address from which it received the message, it could be an *anonymizing* relay.) Spammers *LOVE* to abuse open relays, especially anonymizing ones. It gives them a chance to use your CPU and bandwidth instead of their own, and probably means that most complaints that result will come to you, rather than to them!
"vendor" has sent a test message by way of your server, and saw that it got relayed. Odds are very high that your email server is an open relay -- this used to be quite common on first installation. In order to avoid being abused by spammers (NOTE: "vendor" probably tested your server *because* it has already been abused...), you need to modify its configuration to only relay internal-to-external and external-to-internal, and no longer relay external-to-external. Exactly how you fix this depends on the particular email server software you run. http://spamcop.net has (or used to have) links to instructions for the most common current server products, but they seem to be down today. Most "vendors" that perform this kind of test do so in order to maintain a list of open relays; many sites have a policy of not accepting mail from servers on the list. Well-run lists include directions for how to get your server taken off the list, and these will usually include similar links to instructions for limiting relaying. David Gillett > -----Original Message----- > From: JasonTay [mailto:[EMAIL PROTECTED] > Sent: July 8, 2003 19:20 > To: [EMAIL PROTECTED] > Subject: Mail relay > > > hi, > > i had experience the following:the following is some feedback > from our vendor: > > We had try the following:on using a relay/spam tool from some > website, we verified that we are able to relay through your > mail server. > As such, we can safely conclude that the cause of the problem > is linked to "other parties" using your smtp Server > as a "Relay Host > > Pls kindly advise on what solution should i use. > > thks > > -------------------------------------------------------------- > ------------- > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by > top analysts! > The Gartner Group just put Neoteris in the top of its Magic Quadrant, > while InStat has confirmed Neoteris as the leader in marketshare. > > Find out why, and see how you can get plug-n-play secure > remote access in > about an hour, with no client, server changes, or ongoing maintenance. > > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm > -------------------------------------------------------------- > -------------- > --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
