Email Open Relay

Within your relay settings you configure which internal hosts your spam firewall will relay email for to the outside world, and which domains it will accept email for from the outside world. Leaving the relay unrestricted, which is known as an open relay, poses a major threat: anyone can use the open relay server to send email messages inbound or outbound, using the resources of that server. This happens when nothing is specified in your relay settings, so the relay server accepts email from anyone to anyone. A spammer would send large volumes of email messages through the server. This is very dangerous, and you would very quickly find your domains and IP addresses blacklisted.

To secure a proxy email server from being an open relay, you would typically specify the internal hosts that emails can be sent from to the outside world, which would usually be your firewall or your Exchange / Domino server. If a connecting host that is not in this list attempts to send email to the outside world, the email proxy server will reject the email message. You can specify hosts by IP address or hostname, and wildcards can be used if more than one host is required. You would also specify your own domain and any other domains for which email messages from the outside world are accepted. An even more secure method is to specify an LDAP server, which the email proxy server queries to check that the address an email is destined for actually exists within the LDAP server. If that user is not listed within the LDAP server, the email message is rejected. Using LDAP is much more secure, and is regarded as best practice.

The most common configuration for a spam firewall is to integrate it with Microsoft Active Directory. You configure the spam firewall and point it to the folder where all your users and groups live within the Active Directory server. When an inbound email comes in, the spam firewall checks whether the recipient address exists within Active Directory, and if it does not, the email is dropped immediately. This is another method of connection control. Stopping emails at the connection layer is a good thing, as content control takes up much more memory and processing power than checks at the connection layer.
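The relay settings described above (allowed internal hosts, accepted domains and a recipient directory lookup) can be modelled as one connection-layer decision. The Python below is an added example, not code from this page or from any spam firewall product: `RelayPolicy`, `is_open_relay` and all addresses and domains are hypothetical or constructed, the directory is a plain set standing in for an LDAP / Active Directory query, and empty settings are assumed to mean "accept from anyone to anyone", as described above.

```python
import ipaddress
from fnmatch import fnmatchcase

class RelayPolicy:
    """Connection-layer relay decision (hypothetical model, not a product API)."""

    def __init__(self, relay_hosts=(), accepted_domains=(), directory=None):
        self.relay_hosts = list(relay_hosts)    # IPs, CIDR ranges or hostname wildcards
        self.accepted_domains = {d.lower() for d in accepted_domains}
        self.directory = directory              # valid recipient addresses, or None

    def _is_internal(self, client_ip, client_name):
        for entry in self.relay_hosts:
            try:
                if ipaddress.ip_address(client_ip) in ipaddress.ip_network(entry, strict=False):
                    return True
            except ValueError:
                # Not an IP/CIDR entry: treat it as a hostname wildcard. client_name
                # is assumed to be a forward-confirmed reverse DNS name.
                if client_name and fnmatchcase(client_name.lower(), entry.lower()):
                    return True
        return False

    def decide(self, client_ip, client_name, rcpt):
        rcpt = rcpt.lower()
        local, _, domain = rcpt.rpartition("@")
        if not local or not domain:
            return "reject: malformed recipient"
        if not self.relay_hosts and not self.accepted_domains:
            # Assumption: empty relay settings mean "anyone to anyone" (open relay).
            return "accept: open relay"
        if domain in self.accepted_domains:
            # Inbound mail: verify the recipient in the directory before accepting.
            if self.directory is not None and rcpt not in self.directory:
                return "reject: unknown recipient"
            return "accept: inbound"
        if self._is_internal(client_ip, client_name):
            return "accept: outbound relay"
        return "reject: relaying denied"

def is_open_relay(policy):
    """Self-test: an outside host mailing an outside domain must be refused."""
    verdict = policy.decide("203.0.113.50", "host.outside.example", "user@elsewhere.example")
    return verdict.startswith("accept")

# Constructed sample settings (documentation addresses and example domains).
DIRECTORY = {"alice@corp.example", "bob@corp.example"}
HARDENED = RelayPolicy(["192.0.2.10", "10.1.0.0/16", "mail*.corp.example"],
                       ["corp.example"], DIRECTORY)
UNCONFIGURED = RelayPolicy()
```

Running `is_open_relay` against a policy after every configuration change gives a quick regression check that the relay has not been left unrestricted.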

Further Reading

Wikipedia's guide to Open Relay