UC Davis Cyber-Safety Program: No Open Email Relays
If you are a computer user within an academic or administrative department on campus, you may have a Technology Support Coordinator (TSC) who is working to secure your system. Before taking any of the security steps listed below, please check with your TSC.
From the UC Davis Cyber-Safety Program Policy:
"Devices connected to the campus network must not provide an active SMTP service that allows unauthorized third parties to relay email messages, i.e., to process an e-mail message where neither the sender nor the recipient is a local user."
Information...
What is an open mail relay?
An open email relay occurs when a mail server processes a mail message
where neither the sender nor the recipient is a local user.
Why is this important?
Mail services that are configured (or mis-configured) to act as open
relays allow unauthorized users to send mail through that server. Spammers
commonly seek out open relays and commandeer them to send unsolicited
email messages. Additionally, the possibility of fraud exists as malicious
users can forge their email address in a mail message and it will seem
legitimate, as the message is originating from a campus email server.
Campus sysadmins recommend...
- Securing Your Mail System Against Relay
- CleanAccess: Software that automatically detects, isolates, and cleans infected or vulnerable devices that attempt to access your network
- GFI Languard: Automatically detects security vulnerabilities on your network. It also provides in-depth information about all machines/devices, patch management, etc.