The problem with this type of spam is not only its size, but that users have a tendency to forward the animations throughout the system, or to other friends and colleagues on the Internet. [When one of our more brilliant employees decided to download an entire half-hour South Park episode, size sure did matter! --DG] The result is obvious -- email communication is bogged down sending attachments, and storage space is consumed. We have experienced cases in which the mail system became so full of attachments that it consumed server storage, crashing the system.

Spam relaying
Spam mail is typically sent by people who collect email addresses wherever they can find them, i.e., Newsgroup postings, CD ROM-based address databases, domain name registrations, and web site mail-to tags. Several spam outfits offer to sell millions of addresses for next to nothing 40 million addresses for $99 US.

Instead of using their own systems to send 40 million messages, spammers relay mail by using unprotected SMTP hosts on the Internet. If your SMTP host is left unprotected on the Internet, it can act as a potential relay host to send these messages.

How do they spam?
How does a spam sender gain access to your SMTP MTA (Message Transfer Agent) without any security authentication? Simple, SMTP does not require authentication. SMTP simply obeys a set of simple commands. Figure A shows a set of these commands that may be used to send email. Spammers simply load your server with thousands of email messages, essentially hijacking your SMTP MTA and using your bandwidth.

FIGURE A


SMTP commands entered directly into the SMTP MTA. Notice that the domain of this server was edited and replaced with a fake domain. Roll over picture for a larger image.

Even worse, mail that is sent indicates that it was sent from your domain. People who complain about receiving spam mail will be sending mail to your domain, further clogging your systems. Spammers may forge the domain, also shown in Figure A, to indicate that it originated from another domain, but the IP address will indicate that it was sent from your domain, implicating your site.

Versions of the SMTP MTA
Since Domino Release 4.6, the SMTP MTA has been integrated into the Domino server. When you perform the installation of a Domino 4.6 server (or later), you are given the option of installing the SMTP MTA. For Releases of 4.6 and above, the version of the SMTP MTA therefore corresponds to the Domino server Release (4.6a, 4.6.1, 4.6.2, etc.).

Those who are using Domino 4.5x servers may reap the benefits of continual SMTP MTA versions by updating this specific software. The current version of the SMTP MTA for Domino 4.5x servers is 1.2.

Anti-spam NOTES.INI settings
The Domino SMTP MTA includes several improvements in anti-spam protection. Anti-spam measures are implemented by adding parameters to the NOTES.INI file. Each parameter is explained in detail below.

SMTPMTA_REJECT_RELAYS
This parameter was released within SMTP MTA version 4.6. Placing this parameter into operation assures that your SMTP MTA cannot be used as a relay by external spammers. Usage in the NOTES.INI file is as follows: