As part of your EasyStreet domain name and access services, EasyStreet provides a backup mail server. We configure a backup mail server (mxqueue.easystreet.com) as part of our DNS configuration for your domain as long as your mail server is on an EasyStreet IP address. If your mail server becomes unavailable, mail for your domain is delivered to the backup server. Once your mail server is again available, the backup will automatically deliver the queued messages to your server. In most cases this delivery of queued messages happens within two hours. Queued messages are stored for 7 days before being bounced back to the sender.
Many EasyStreet accounts having static IP addresses support the running of a mail server. Running your own mail server entails special obligations regarding protection of the server from becoming a source for unsolicited e-mail (spam). Much of the spam circulating on the Internet today is sent via mail servers known as "open relays".
Mail servers work by relaying messages between a sender's e-mail program and the destination mailbox of the recipient. The sender's e-mail program says "Here, send this for me." and the mail server says "Okay." Without specific protection, the mail server will do this for anyone - a user on the LAN or a spammer on the Internet.
Mail servers that don't discriminate based on the type of user are called "open relays". Spammers regularly scan IP addresses looking for open relay mail servers. If your mail server is one, they will find it and exploit it - guaranteed.
To stop the spammer, the mail server should be configured to accept messages only from authenticated users on the LAN. When a spammer says "Here, send this for me." the protected mail server says "Sorry but I don't relay for outside users." and the message bounces. Many mail servers support relaying. Relaying allows an external source to supply messages that the mail server then delivers.
Open relays are very bad.
Aside from being bad by sourcing spam and bogging down your mail server, open relays can also make both your mail server and your domain name become blacklisted. (And as your ISP, EasyStreet is often also included in the blacklisting.) If blacklisted, you will be unable to send mail to any users of the ISP who did the blacklisting. You are not usually notified about being blacklisted. You only find out when you investigate why mail is being rejected. Getting off the blacklist means a lot of work in contacting each mail administrator and proving to them that your mail server now has relaying disabled.
To reduce these problems, EasyStreet requires that all mail servers using EasyStreet IP addresses, and even those not using EasyStreet IP but handling mail for EasyStreet-registered domains, have relaying disabled. We test the mail server for relaying upon any change to the DNS MX mail pointer. This catches many open relays however we have found that closed relays often become open relays after system patching and other administrative actions.
Thanks to Abuse.Net you can test for open relay yourself. Go to their Mail Relay Testing page. Put your mail server's IP address in the "Address to Test" field and a checkmark in the "Create an abuse.net" box. (Don't worry about "Your abuse.net password".) And select "Test for Relay".
If you have any doubts about whether your server has disabled relaying or not, feel free to contact EasyStreet Advanced Support (503-646-8400 or support@easystreet.com) and we'll be happy to run a quick test.
Special Note for Microsoft Exchange Server
Many of our corporate customers use Microsoft Exchange Server. It's a great mail server but be very careful with relaying on Exchange. Two major issues with Exchange: First, Exchange's default configuration is as an open relay. You must specifically disable relaying (see below). Second, all known Microsoft Exchange service packs and patches have re-enabled relaying without warning. Much of the spam on the Internet can be directly attributed to recently patched Exchange Servers. Don't be one of them!
Open relays are a serious problem. If a mail server on the EasyStreet network is actively sourcing spam, we attempt to contact the mail server administrator via phone and e-mail. If the server admin is unavailable, we may suspend the access account serving that mail server.
Having an open relay mail server is a violation of EasyStreet's Acceptable Usage Guidelines. Due to the high support overhead in dealing with open relay violations, there is an administrative charge for such violations. There is no charge for the first instance. There is a $100 charge for the second instance and $200 charge for each subsequent instance.
To see if your mail server is on any blacklists, check your IP on the Multi-RBL listing.
Fixing Open Relays (all mail servers)
Exchange 5.5 Server Configuration
Turn Relaying OFF in Microsoft Exchange 2000
Turn Relaying OFF In Microsoft Exchange 5.5 (With Service Pack 2 or higher)
Turn Relaying OFF in Microsoft Exchange 5.5 (Without Service Pack 1 or 2. Select last bullet item as the fix.)
Turn Relaying OFF In Novell GroupWise(Version 5.2 and 5.5)
Fixing guest account exploit
Other Exchange issues
EasyStreet offers our Enterprise Edition Anti-Spam/Anti-Virus service for customers running their own mail server.
Copyright © 2000-2003 EasyStreet Online Services, Inc. All rights reserved.
EasyStreet and the EasyStreet logo are registered trademarks of EasyStreet Online Services. Certain other names, logos, designs, titles, words or phrases on this site may constitute trademarks, servicemarks or tradenames of EasyStreet or other entities which may be registered in certain jurisdictions.