RE: [exim] Re: Thoughts on Open Relays

Top Page
Delete this message
Reply to this message
Author: Eli
Date:  
To: 'Jim Roberts', 'Marc Perkel'
CC: 'Exim Users Mailing List'
Subject: RE: [exim] Re: Thoughts on Open Relays
Jim wrote:
> From: "Marc Perkel" <marc@???>
> >
> > The only reason people got aaway from open relays is bacause of the
> > spammers. But if I solve that problem then why not?
> >
>
>
> Err... Many good reasons have already been posted, having
> nothing to do
> with spam. But I'll toss one more log on the fire, what the heck.
>
> The very most effective first line defense, against any
> misuse of email
> service, is blocking open relaying. If someone tries to
> relay without
> authenticating first, then 100% of the time, with zero false
> positives, they
> should be blocked. It's easy, consumes no additional
> resources (already
> have to check if the addressee is local anyway), is extremely
> effective
> (100% accuracy), saves bandwidth (reject before data), and
> imposes zero cost
> on innocent 3rd parties (in fact, helps out innocent 3rd
> parties). And...
> I don't have to run ANY of those messages through SA or any other
> resource-consuming anti-spam test! (Works even better than
> the "penalty
> box" idea... heh heh)
>
> Now, give even one good reason why anyone should NOT use such
> an incredibly
> cheap and effective tool?


Ah why not - here's my babble too :)

What Jim wrote is the *exact* reason you should never configure your servers
to be open relays. Your (Marcs) statement about why open relays were
abandoned is entirely incorrect. People did not stop using open relays
because spammers started abusing servers - people got away from open relays
once they realized that their servers were poorly configured.

Why on earth would you want a non-client wasting your bandwidth/disk
space/cpu/ram and opening your system to unlimited abuse? Imagine now that
you DO set your system to be an open relay... I could just go ahead and shut
down the 20 or so email servers I have and tell all my 2000000+ clients who
use my mail servers to instead just use your system! I wouldn't have to
worry about bandwidth charges, dealing with buying systems to handle the
load, or having to worry about fixing any email related problems since it's
not my server they're using! Your system would die a horrible death the
instant I told my clients to use your mail server - guaranteed :)

Simply put, not a smart move dude.

Eli.