Search DominoPower's 11,323 Lotus-related article archive 
Home
EasyPrint
News details Click here for the RSS feed's XML code. This is not a browser URL.
Articles-only Click here for the RSS feed's XML code. This is not a browser URL.
Twitter Feed Click here for the Twitter feed.
How I learned to stop worrying and love the SMTP MTA (continued)

The problem with this type of spam is not only its size, but that users have a tendency to forward the animations throughout the system, or to other friends and colleagues on the Internet. [When one of our more brilliant employees decided to download an entire half-hour South Park episode, size sure did matter! --DG] The result is obvious -- email communication is bogged down sending attachments, and storage space is consumed. We have experienced cases in which the mail system became so full of attachments that it consumed server storage, crashing the system.

Spam relaying
Spam mail is typically sent by people who collect email addresses wherever they can find them, i.e., Newsgroup postings, CD ROM-based address databases, domain name registrations, and web site mail-to tags. Several spam outfits offer to sell millions of addresses for next to nothing 40 million addresses for $99 US.

Instead of using their own systems to send 40 million messages, spammers relay mail by using unprotected SMTP hosts on the Internet. If your SMTP host is left unprotected on the Internet, it can act as a potential relay host to send these messages.

How do they spam?
How does a spam sender gain access to your SMTP MTA (Message Transfer Agent) without any security authentication? Simple, SMTP does not require authentication. SMTP simply obeys a set of simple commands. Figure A shows a set of these commands that may be used to send email. Spammers simply load your server with thousands of email messages, essentially hijacking your SMTP MTA and using your bandwidth.

FIGURE A


SMTP commands entered directly into the SMTP MTA. Notice that the domain of this server was edited and replaced with a fake domain. Roll over picture for a larger image.

Even worse, mail that is sent indicates that it was sent from your domain. People who complain about receiving spam mail will be sending mail to your domain, further clogging your systems. Spammers may forge the domain, also shown in Figure A, to indicate that it originated from another domain, but the IP address will indicate that it was sent from your domain, implicating your site.

Versions of the SMTP MTA
Since Domino Release 4.6, the SMTP MTA has been integrated into the Domino server. When you perform the installation of a Domino 4.6 server (or later), you are given the option of installing the SMTP MTA. For Releases of 4.6 and above, the version of the SMTP MTA therefore corresponds to the Domino server Release (4.6a, 4.6.1, 4.6.2, etc.).

Those who are using Domino 4.5x servers may reap the benefits of continual SMTP MTA versions by updating this specific software. The current version of the SMTP MTA for Domino 4.5x servers is 1.2.

Anti-spam NOTES.INI settings
The Domino SMTP MTA includes several improvements in anti-spam protection. Anti-spam measures are implemented by adding parameters to the NOTES.INI file. Each parameter is explained in detail below.

SMTPMTA_REJECT_RELAYS
This parameter was released within SMTP MTA version 4.6. Placing this parameter into operation assures that your SMTP MTA cannot be used as a relay by external spammers. Usage in the NOTES.INI file is as follows:


« Previous  ·  1  ·  2  ·  3  ·  4  ·  5  ·  Next »
Other articles you might like
Home > Strategies > Email Management (60 articles)
   Using the Notes Client with Gmail
   Using the Notes client with Hotmail (or not)
   Is English-only a viable mail management strategy?
Get Weekly Email Updates
Subscribe to our regular weekly email newsletter. It's packed with tips, reviews, deep analysis, and the latest news.
 
Recent DominoPower Articles
Lotusphere 2010: mobility and collaboration
2010: A Lotusphere of change
Five trends for 2010
DominoPower TV Episode 1: Inside a strategy session with Teamstudio
More about Domino log files
Say goodbye to the Uh-Ohs. Long live the Tens.
Why your log.nsf might not be purging properly
Latest Lotus Headlines
Recommended Maintenance - Lotus Notes Traveler
Here are the slides and other materials from our Lotusphere session
Microsoft OCS awareness in Lotus Connections and Websphere Portal?
SnTT: XPages Blank Calendar Control (Part 2), adding data
Have your Lotus Notes calendar display multiple time zones
Sample Database for Microsoft Office and Lotus Symphony Integration
Symphony 3.0 beta signals another attack on Office
>> Read all the news
More from the ZATZ journals
Computing Unplugged: The iPad: Apple's latest heartbreaker
David Gewirtz Online: CNN commentary and analysis
OutlookPower: Running auto-respond rules when Outlook is closed
-- Advertisement --

Learn Notes and Domino 8 at your place and pace!
Learn Notes and Domino in your office and/or home! TLCC's highly acclaimed distance learning courses for users, developers, and admins will enhance your career and your resume.

The many included activities and demos will make you a pro! Expert instructor help is a click away.

Click here to try a FREE demo course!!

-- Advertisement --

Struggling with exporting Notes data to spreadsheets? No More!
Try IntelliPRINT, The world's leading Reporting, Dashboards, and Analysis solution for Notes & Domino

  • Don't spend unproductive time maintaining different versions of the same spreadsheet
  • Preserve data integrity and security in multi-user environments
  • Create reports in minutes INSIDE Notes
  • Get freedom from iterative report requests, deliver self-serve capabilities

Experience Reporting, Dashboards, and Analysis INSIDE Notes.

Try IntelliPRINT NOW!

ZATZ Home  ·  News  ·  Back Issues  ·  Credits/Trademarks ·  Link To Us
Copyright © 1998-2010, ZATZ Publishing. All rights reserved worldwide.
Editor's Login