Network and Systems Services: SMTP-Relay Services



NETWORKS	SYSTEMS	CIS	TAMU

Up a level SMTP Relaying Configuration Greylisting Mail Scanning Virus/spam stats Greylisting	SMTP-Relay Services As of 1998, SMTP was completely open through the firewall and any machine capable of accepting SMTP had nothing between it and the internet at large. When spammers and other mail server abusers began identifying and using open-relays to handle their out-going mail queues for them, TAMU started receiving many complaints from the end recipients of the unwanted mail. In some cases an open-relay server on campus was then sending its outgoing through CIS mail servers causing end-sites to begin blocking CIS mail machines and threaten legal action. At the time, there were nearly 5,000 mail servers on campus that would individually pop up as an abused open-relay, to be manually closed at the firewall after a problem appeared. After months of attempting to deal with the problem in that manner, it became obvious that a more encompassing approach would have to be made. The answer was a combination of systems being put into place that could securely handle the entire mail load of Texas A&M University, add DNS entries so that the new servers could forward for all hosts in the tamu.edu network, and block SMTP for all hosts at the firewall. A similar watershed event is in place currently with the outbreak of certain e-mail viruses that cannot seem to be eradicated from all of the vulnerable machines for whatever reason. Since a major vector of transmission is email and the current state of desktop and small-server virus scanning is not stopping them, it was deemed necessary to add virus scanning to the SMTP relay infrastructure. At the same time, the software can perform checks for spam, so we will include tagging of potential spam messages, but will perform no blocking based on the spam scan due to the subjective nature of spam. (We will use this spam scanning test to help determine if it will be possible to allow a future opt-in spam blocking service, it may or may not ever be possible and feasible). For the initial presentation given to those interested in the security of the Texas A&M University campus computing infrastructure, please see the virus-filtering presentation in PDF. For more information on the configuration of the individual pieces, please see: PureMessage Local Configs and Information Virus Blocking SPAM Scanning

[ NETWORKS | SYSTEMS | CIS | TAMU ]