About usContact usSite help
Quick links
Search this site

Home * Products Internet Access Hosting & Web Services Hardware & Security Mobile Services Voice Services Data Services Domain Services * Channel Partners * Business Resources Knowledge Centre Case Studies Business Solutions Useful Links * Helpdesk Product Help Technical Library Network Status Customer service * Toolkit WebMail Fax to Email DVS Control Centre Web Password Internet query tools Downloads Dial Companion for Broadband * Demon Newsletter

Home  |  Helpdesk  |  Product Help  |  AUP  |  Mail AUP  |  Open Mail Relay

Open Mail Relay


What is an Open Mail Relay?
Put simply, an Open Mail Relay (OMR) is a machine which accepts mail from unauthorised or unknown senders and forwards it to a destination outside of your machine or network. In general, a properly configured mail server should only accept mail from third parties if the mail is addressed to a local user, and conversely, it should only accept mail for third parties if the mail is from an authorised user. [There are other special cases, such as when operators agree that one server should act as a backup for another.

Unfortunately, the default settings for a large number of mail servers are such that they will allow anyone on the Internet to relay through them.

What are the consequences of running an Open Mail Relay?
By running an OMR you are effectively allowing anyone on the Internet to use your resources to send their mail. Junk mailers can use your mail server to send thousands of junk mails on to other Internet users. You may then find yourself inundated with angry and rude responses from those recipients who believe that you sent the junk mail to them. In addition, you will find that your bandwidth is severely limited whilst the mail is being sent, slowing down your legitimate use of the Internet.

If you, as a Demon customer, are using our smarthost [post.demon.co.uk] then the junk mail will get sent through that machine and could cause it to be blacklisted by the Internet community. This then affects our entire customer base who may find that their legitimate mail is being bounced as a result of the misconfiguration of your server.

How Demon is dealing with the problem
For many years now our Access Acceptable Use Policy has prohibited customers from running OMRs. Over the past year, as the number of mail servers being exploited in this way has increased, we have altered our policies and procedures to combat the problem

We announced in July 2002 that we are scanning our IP Address space, looking for machines that are vulnerable to unauthorised relaying. This will allow us to be more pro-active in preventing customers with OMRs from causing damage to our service.

If you have come to this page after seeing one or more of our test mails then it is very likely that your system is working just fine. The reason why you may see numerous mails is that as part of our testing, we attempt to send a number of mails through your server, all with different envelope headers since various mailserver software has different types of vulnerabilities.

Further Information
Useful information on how to secure a wide variety of mail server can be found at: http://www.mail-abuse.com/an_sec3rdparty.html

A full listing of all of our Acceptable Use Policies can be found at:
http://www.demon.net/helpdesk/aup/

Queries regarding our OMR testing should be sent to:
abuse-scan@demon.net



©Copyright 2008 THUS

*