Open Mail Relay Security Guidelines
This document contains the following sections:
Early in the Internet's history, the network was far less stable, and had fewer alternate routes between points than it does today. Because of this, mail relaying was a "service" that people provided which helped to ensure that e-mail was deliverable. When a specific node in a path to a particular site was down, a mail relay could "forward" the message to the target site, and stop the mail from bouncing back to its originator. Over time, the Internet has become more stable in this regard, and open mail relays are no longer necessary. Further, since they allow spammers to send out their messages and hide their tracks to some extent, what once was a voluntary service, is now a disservice.
Groups or departments who maintain a mail server.
Purpose of the Guideline
The Carnegie Mellon Computing Policy establishes a general policy for the use of computing, telephone and information resources. The purpose of this guideline is to establish acceptable practices that support the policy as it applies to mail servers and open mail relays.
This guideline was established to ensure that the Carnegie Mellon community has a clear understanding of proper procedure and usage. Computing Services reserves the right to modify this guideline as necessary. Any changes to this guideline will be posted to official.computing-news and will be reflected on this web page.
Open Mail Relays
: Mail systems which allow unauthenticated e-mail messages to be sent from an off-campus sender to another off-campus sender using an on-campus machine as a relay point. This allows spammers to send out their spam messages, and to the uninitiated, it appears that the spam originated from the on-campus "relay" machine.
Spammers: The problem with relaying e-mail occurs when outside users seek out a machine which allows relay, and abuse the relay by sending "spam." Spam can be defined as unsolicited e-mail such as solicitations or advertisements. By relaying mail, spammers can cut down on their e-mail load, make their messages less traceable, deflect attention from themselves, or work around restrictions. For example, it's difficult to determine the origination point of an outside user message that has been relayed. The "from" line information is undependable; and relying on the IP address would cause problems for users who are running clients outside of Carnegie Mellon's network. In general, the relaying of spam has a negative impact on the university's network, mail server, and human resources, as well as the reputation of Carnegie Mellon.
If you are running a mail server, the SMTP (Simple Mail Transfer Protocol) agent should be turned off unless you absolutely need it. If you do need to provide this service, make sure that it is configured to NOT offer open relay.
User Responsibilities and Procedures
Groups or departments should ask themselves, "Do you really need to run a mail server at all?" Many groups at Carnegie Mellon including Computing Services, the Pittsburgh Supercomputing Center, the Software Engineering Institute, Computer Science, Electrical and Computer Engineering, and some others, provide central mail servers. Most of these are provided for members of the specific school or department. Computing Services provides a campus wide mail server via your Andrew ID and Cyrus account. Because of this, it is unlikely that most users have a real need to run their own mail server.
By default, IIS on Windows 2000 will install an SMTP (Simple Mail Transfer Protocol) agent which performs relaying. Unless you absolutely need the mail agent, you should turn it off by following the Microsoft Guidelines for Securing IIS. Note that IIS is NOT installed automatically by Windows 2000 or Windows XP. However you can verify if this service is installed by clicking Start > Run and typing SERVICES.MSC. Look for Internet Information Services (IIS).
Other operating systems, inlcuding most UNIX variants, allow the system administrator to enable SMTP services on the machine. Again, if you do not need to provide this service, do not enable it. If you do need to provide this service, make sure that it is configured to NOT offer open relay.
Guideline Modified: November 3, 2005
Guideline Modified: June 8, 2004