NordVPN

A Clear and Simple Explanation of Open Relay

January 13, 2021

The Definition

An open relay is an SMTP mail server. It allows you to receive and transmit mail from an unlimited number of people. Since 2008, an open relay is thought to be a misconfiguration of the mail system. Open relays are now used to send spam. Also it launches denial-of-service attacks on other mail systems.

Open relays do not identify the original sender of messages. Thus, they become vulnerable in the area of ​​hand-made addresses. It does this using an algorithm that changes the email headers. Therefore, the actual and original sources do not match.

Thus, spammers can connect to the server and use it to send e-mail messages. The sender of the message will be tampered with.

How Do Open Relays Occur? And What Are The Consequences?

The main reason for the emergence of open relays is the lack of professionalism of system administrators. A young specialist gets the task of making a mail server. It’s pretty straightforward to implement. You just need to use one program, make a couple of clicks, and your mail will work. However, this quick setup of mail servers results in them becoming open relays. The system administrator must ensure that only real users work with the mail service. Spammers use special programs to search for such vulnerable mail servers and use them for their mass mailings.

Let’s take a look at the risks that come with using open relays:

First is traffic. Almost all mail servers are located on leased lines. In this case, subscribers must pay the provider for the amount of transmitted information, or in other words, for traffic. Spammers use this traffic and send huge amounts of information. Accordingly, the provider will issue a huge bill for the service. All this entails huge losses.

Secondly, there is certainly another side. Not only spammers are looking for open relays, but also those who protect information. If your server is included in one of the 20 global anti-spam databases, at least several thousand mail servers will refuse to accept your emails. Many providers set certain restrictions. One limitation is not accepting mail from open relays.

In short, only spammers benefit from having an open relay. Moreover, if spammers find an open relay, they share information about it with other spammers. I usually happens by posting information on special sites. So, the open relay becomes known all over the world and spam mailings are instantly sent through it.

Types Of Open Relays

1. The main type of open relay is SMTP relay. They are simple outgoing mail servers that send and receive mail using the SMTP protocol. If anyone can send mail through an SMTP server, it is a classic open relay.  Until the 1990s open relays were conventional SMTP email servers. They relayed email between its closed systems.

Here’s a tip to find out if your mail server is vulnerable: on the openrbl website you can check it out perfectly. All you need to do is enter the IP address of your server.

A few words about SMTP Relay. It is a protocol or process for transferring email between servers. This process is also known as MTA. SMTP is the most popular way to transfer e-mail messages on the Internet. This solution is almost 40 years old and is the protocol most commonly used by email providers.

The infographic explains the principle of SMTP relay work:

The explanation of how SMTP relay works

2. The next type of open relay is the socks relay. Socks is a mechanism that allows the request to be made through them. It is even considered to be something more convenient than the SMTP mechanism. Socks makes it possible to request any information from the Internet, and not only send mail. In most cases, the open socks server is a conventional machine where the Wingate program was installed with errors. There are also socks servers on the Unix platform.

When configuring these types of servers, you need to make sure that only a certain range of users are requested through them.

3. This type of open relay is the least common: the provider allocates a line to the client, on which the client himself organizes “forwarding” of port 25 (SMTP) on one of his machines to the 25th port of his provider’s SMTP server instead of configuring the mail server. So when a spammer contacts the client machine, he recognizes the server of the provider of his “victim”. At this time, the ISP’s SMTP server thinks that the client is making a request from its client IP address.

4. Another way to send spam is through open HTTP proxy servers. The HTTP protocol has a connect method. This method is used to send spam if the proxy server allows requests to be made through itself to anyone.

It is important to note that spammers are becoming more resourceful every day. New ways of sending inappropriate mail are emerging. Spammers are not only engaged in mailing but also work to create new technologies for spam. This is why system administrators should always be on the alert.

Tools to test SMTP relay

1. DNS EXIT Mail Server Testing Tool

DNS EXIT provides a set of static / dynamic DNS services. These services are related to email.

Using this mail server testing tool, you can connect to your SMTP server via Telnet and attempt to deliver a message. In the event of a configuration deficiency, the service will notify you of the malfunction and offer a way to fix it.

Mail Server Testing Tool Dashboard

2. DNSQueries

You can also check the SMTP using DNSQueries. It can be used to find out if the server is an open relay. You need to enter the hostname of the SMTP server. There will be an attempt to connect to the server and send letters through it. For Gmail it looks like this: 

DNSQueries dashboard

3. SMTPer

SMTPer is a very simple service for testing your mail server. Even the slogan on the main page of the site says about this: “Simplicity is the highest sophistication” (Leonardo da Vinci). To use this tool, you need information such as SMTP host, sender and recipient email addresses, and port.

SMTPer dashboard

Conclusion

Summing up the above, it is important to mention once again that the work of the system administrator in this matter is a key moment. If you set up a mail server quickly and irresponsibly, then it is guaranteed that it will fall under the influence of spammers. If a mail server turns out to be an open relay, it has huge consequences and huge financial costs. Using the tools mentioned in the article, you can check right now if your mail server is not an open relay. Open relays were the most common source of spam a few years ago.

Several years ago, open relays were the main sources of spam. Of course, with the development of computer security technologies, spammers have to come up with new ways to spread unwanted information through unprotected channels.

David Patterson developed an interest in technology, software, and programming while he was very young. Witnessing the dawn of the internet, computers, and smartphones created a unique fascination for the industry and tech. Today, he-s accomplished his dream of becoming a programmer. He now wishes to help others access the knowledge and tools they need to do the same. That’s the foundation for the Ordb.org magazine.