An "open-relay" is a mail server that will
take mail that isn't destined for one of it's local users and delivery to
some other mail server out on the net. Spammers use these mail servers to
off load the processing burden from their ISP's mail server and to try to
hide where the SPAM came from. Open-relays are usually caused by old
versions of mail servers or improperly configured servers.
Contacting the destination server directly from a dialup
account has become more popular as more open-relay servers are being
fixed. The spammer pays (or sometimes doesn't) for a dialup account and
runs special software on their machine that directly contacts the server
they wish to send spam too. This method is used in conjunction with the
name-dictionary attack. For people like me who give out their real e-mail
address to less than ten people in the world and yet still manage to get
spammed, this is often the way it happens. Your name is Thomas Jones. A
lot of people with the names similar to Thomas Jones will use tjones or
jonest for an e-mail address. Spammers take a huge list, and try every
single name against the destination server. Remember, it's not costing
them money, but it can *dramatically* affect the destination mail server,
slowing it down for legitimate user requests.
Whenever you post to a newsgroup or an online chat forum
using HTML, you should think twice before giving your e-mail out. At a
minimum, you might consider making the e-mail harder to extract (ex:
sallyjo@noSpAmCROS.NET.net). There are programs readily available that
will search newsgroups and web sites for e-mail addresses. Don't make
yours easy for them to pick up.
Prevention
First, when a SPAM message says to reply to it to be
"removed from the list", you don't want to hit
reply. If you do, they know they have a live e-mail account. They can
send you more spam, or sell your name to other spammers. You can do
research on the net on how to read the mail headers and try to track down
the user. You do not want to send angry messages to the mail server admins.
It might not have actually passed through some of the servers in the
headers. You also don't want to send multiple messages to the same mail
admin. This can be construed as being SPAM.
What CROS.NET has done to help
Recently, CROS.NET has implemented several anti-spam measures:
- We don't accept mail from open-relay servers that
have been used to send SPAM.
- We don't accept mail from IPs that are known to be
dialup numbers for large ISPs (to prevent direct delivery of SPAM
via a dialup account).
- We don't accept mail from servers who are known to
be 'pro-SPAM'.
The initial testing was started in April 2000. It was
put in place towards the end of the month. The final piece went in place
on Friday, May 9th.
There is nothing that can be done to stop all SPAM, but
from the statistics gathered, we have been stopping over 3,000
pieces of SPAM a day. We built an additional mail server to
help with the process. This new service is provided free of charge. We
like to add value to our service offerings while maintaining our existing
price.
To help insure that we are part of the global solution,
our servers are routinely checked to make sure they are not functioning as
open-relays. Every user of CROS.NET is under the terms of our Acceptable
Use Policy (AUP) which forbids the sending of SPAM through our network.
