The 20 Minute E-mail Solution!
TOC PREV NEXT INDEX

Background on SMTP Protocol Security

If you are unfamiliar with "spamming" and "spoofing," the following paragraphs provide some background.

The SMTP standard for Internet messaging allows electronic mail to make its way across a network in "hops" by passing from one computer system to another, repeating this process until the mail arrives at its final destination. This is part of the original design of SMTP and was necessary in the early days of the Internet in order for email to travel between various networks. In the current Internet this is not necessary and mail usually is delivered directly from the sending host to the receiving host. Exceptions to this include application gateways that are used to bridge firewalls.

This inherent design of SMTP allows a host computer that needs to deliver a message to another computer (or even hundreds or thousands of recipients) to make a connection (or multiple connections) to some other SMTP server and ask that server to relay the message(s) on its behalf.

Recently, there has been a lot of controversy over unwanted email. Many companies and ISPs have been blocking the receipt of this mail from known sources, as it is possible to deny access to a sending machine by using a firewall or some other method. Once a bulk mailer's home mail server is known and blocked, senders of bulk email - taking advantage of SMTP's open design - may attempt to deliver their mail through someone else's computer by asking the other computer to route that mail for them.

Senders of unsolicited email can also use this method to try to hide their real identity by manipulating the headers in the message in a certain way and then sending the message through your system for delivery to its final destination - making it appear as if the message originated from the relaying server. This is known as "spoofing." (IMail Server, however, will always include the IP address of the source in the message headers.)

When a bulk mailer chooses your computer to deliver unsolicited mail to thousands of other people (known as "spamming"), your system immediately becomes busy delivering messages that didn't originate with your users, tying up your valuable system resources.

IMail Server offers several ways to protect your server against such abuse. The following sections describe these security options.


Ipswitch, Inc.
http://www.ipswitch.com
TOC PREV NEXT INDEX
©Ipswitch 2005