
Mail Server - Prevent Open Relaying of Spam
What is SPAM e-mail?
Spam is junk e-mail. It's e-mail that is bulk-mailed to people who have not requested it, differentiating it from e-mail that you get because you subscribed to a mailing list. The messages may contain commercial information, wishes for luck, notices of philanthropic opportunities, humor, etc. Some of them are simply chain letters that ask you to redistribute the message to others. See www.cauce.org for more information and examples.
How is the University involved in distributing SPAM?
University servers with unrestricted open "mail relays" are being hijacked by spammers to send millions of pieces of unwanted, unsolicited e-mail, often without the knowledge, much less consent, of their owners/administrators. This is misuse of the University's good name and resources under false pretenses to mask delivery of unwanted e-mail.
It's not just one person's or one department's problem; it's a problem for the University as a whole. Allowing unrestricted relay of third party e-mail is a violation of the Acceptable Use of Information Technology Resources and User Authentication for Access to University Computer Resources policies (see http://www.policy.umn.edu/).
How is the University Affected?
- Blacklisting of University servers
The University server that did the relaying may be placed on a blacklist. This can lead to other sites blocking e-mail from the blacklisted site or from all University servers. Each time an open relay on campus is used to send unsolicited e-mail, the University runs the risk of being listed in a blocking service.
- Loss of reputation
Those who receive the e-mail relayed through a University server often regard the University as the source of the spam. Those who do know that the University was being used as a relay regard the inability to prevent the relaying as incompetence.
- Increased network usage
University network resources (such as the Internet access purchased from outside vendors) are burdened by the huge volumes of spam. This often can be millions of e-mail messages.
- Impairing the performance of e-mail servers
A spammer using a University machine as a relay can overload the e-mail server. The server may crash, its disk may fill, legitimate e-mail could be lost, and, at the very least, the departmental users will experience disruption to their ability to use e-mail.
How to fix it?
Many computers have e-mail services enabled by default. Many University servers were configured to relay e-mail by default regardless of origin and destination. Some vendors have been shipping servers with old insecure versions of the e-mail server applications.
If you run an e-mail server that accepts third party relay (e-mail from outside the U to recipients outside the U), spammers and intruders will eventually find your system and use it for sending spam or for harassment. Campus system administrators need to take steps to block or control third-party relay through their servers.
It is recommended that whenever possible the central University e-mail hubs be used instead of departmental e-mail servers:
- Departmental e-mail system administrators, who have special setups, should have their sendmail processes pointed to relay.tc.umn.edu.
If, after careful evaluation, it is determined that an e-mail server is needed:
- Departments should centralize e-mail services in one server or e-mail hub instead of running it on multiple machines and configure the server to selectively allow authorized e-mail relay. It is an ongoing responsibility of the system administrator to maintain e-mail services at the latest supported release of the operating system or e-mail server package. MAPS, the Mail Abuse Protection System, has a Web page (http://www.mail-abuse.com/support/an_sec3rdparty.html) that explains how to configure e-mail servers to prevent third party e-mail relaying.
- Upgrade your e-mail package and reconfigure the server to selectively allow authorized e-mail relay. It is an ongoing responsibility of the system administrator to maintain e-mail services at the latest supported release of the operating system or e-mail server package. MAPS, the Mail Abuse Protection System, has a Web page (http://www.mail-abuse.com/support/an_sec3rdparty.html) that explains how to configure e-mail servers to prevent third party mail relaying.
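The "selectively allow authorized e-mail relay" rule described above, written out as an added example that is not part of the original page or any mail server's own code: a message is accepted only if the recipient is in a local domain or the connecting client is on an internal network. The networks, the domain `example.edu` and all function names are constructed placeholders.

```python
import ipaddress

# Constructed placeholders (assumptions): networks this server relays for
# and the mail domains it hosts. Replace with the site's real values.
INTERNAL_NETS = [ipaddress.ip_network("192.0.2.0/24"),
                 ipaddress.ip_network("2001:db8::/32")]
LOCAL_DOMAINS = {"example.edu"}


def is_internal_client(client_ip):
    """True if the connecting SMTP client is on a network we relay for."""
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False  # an unparseable address is treated as outside
    # Compare IPv4-mapped IPv6 clients (::ffff:a.b.c.d) as plain IPv4.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in INTERNAL_NETS)


def is_local_recipient(rcpt):
    """True if the RCPT TO address is in a domain this server hosts."""
    local, sep, domain = rcpt.strip().strip("<>").rpartition("@")
    if not sep or not local or not domain:
        return False  # malformed address is never treated as local
    domain = domain.rstrip(".").lower()
    # Exact match or a true subdomain; "example.edu.elsewhere.test" fails.
    return any(domain == d or domain.endswith("." + d) for d in LOCAL_DOMAINS)


def relay_decision(client_ip, rcpt):
    """Apply the policy: outside-to-outside mail is third-party relay."""
    if is_local_recipient(rcpt):
        return "accept: inbound delivery"
    if is_internal_client(client_ip):
        return "accept: authorized outbound relay"
    return "reject: third-party relay denied"


if __name__ == "__main__":
    # Constructed sample transactions: (client IP, RCPT TO address).
    samples = [("192.0.2.10", "colleague@elsewhere.test"),
               ("203.0.113.7", "staff@example.edu"),
               ("203.0.113.7", "victim@elsewhere.test"),
               ("203.0.113.7", "x@example.edu.elsewhere.test")]
    for ip, rcpt in samples:
        print(f"{ip:15} -> {rcpt:32} {relay_decision(ip, rcpt)}")
```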
How to test after fixing?
Whom to contact for assistance?
- For questions, call 1-HELP, (612) 301-4357
- For assistance in reconfiguring or upgrading your software, contact University Computer Services (612) 624-4800.