eBlue, Sacra Blue Online Magazine
Dec 2002 — Issue 245
Feature
Article

by Larry Lentz



From PC Alamode, July 2002, Alamo PC Organization

Larry Lentz is an MCSE + Internet, an MCSE on Windows 2000, an MCDBA, and Past President of Alamo PC. He is the owner of Lentz Computer Services which he founded in 1989. Larry has over 19 years as a computer professional and chairs the MCSE Advanced SIG affectionately called 'The Geeks.'

Black Holed Relay

Do you get spam? You know, all those unwanted messages sent from strangers offering you everything from porn to mortgages. Ever wonder how they manage to send out so much stuff? Well, they get a lot of help. They don't get it from the likes of AOL or other on-line services. These services prevent folks from sending e-mail to a lot of addresses all at once. Matter of fact, when the Rotary Club of San Antonio, the world's largest, started sending out its weekly newsletter via e-mail, it had a real problem because it was using AOL, and AOL wouldn't let it send to that many recipients at once. So how do the spammers do it? Well, like I said, they get a lot of help. They get it from unsuspecting and improperly configured e-mail servers. Maybe even your server.

But what would you care if they did use your server? Well, for one thing it can put an extra load on that machine and bog it down, especially if you have a lot of your own users. It can also generate a lot of notifications of undeliverable messages that will hit your administrator's inbox. One of my clients got over 50,000 such messages! We're still trying to delete them all. But worst of all, it may get your server Black Holed! There are several "services" on the Internet that look for e-mail servers that will indiscriminately allow e-mail traffic to be sent through them. These are called "open relays." If you've ever configured your e-mail client and had to enter the name or address for your SMTP (Simple Mail Transfer Protocol) server, you have used a relay. Whether the SMTP server allows anyone or just certain authorized folks to send through it determines whether it's open or not. Computers that compile the black hole lists search for systems that are open relays and add them to these lists. Corporations and ISPs subscribe to these black hole lists, and their servers reject any messages sent from open relays on the assumption that they are spam. If your server is an open relay and on the list, you most likely won't be able to send your own legitimate e-mail to these corporations! This can cause real problems for businesses. Microsoft has a number of articles on black holing on its Web site. Read Knowledge Base article 300580, especially. To see if you're on a black hole list, go to ORDB.org.

This past winter I had two clients who wound up on black hole lists. One was running Exchange 5.5 and the other Exchange 2000. (Actually, the Exchange 2000 server wasn't on the list as we had just upgraded from Exchange 5.5, which was what actually put his IP/Domain on the list.) Exchange 2000 by default is configured to not be an open relay. However, in Exchange 5.5, the standard practice used to be to configure the Internet Mail Service (IMS) to allow relays. The configuration suggested by the setup was necessary to allow POP3 access.

You configure IMS in Exchange System Administration by selecting Connections, then Internet Mail Service. Select the Routing tab. You will see two choices: "Do not reroute incoming SMTP mail" and "Reroute incoming SMTP mail (required for POP3/IMAP4 support)". If you select the first option, you will not be an open relay and won't get on the black hole lists. However, if you have any users outside your network who get their mail from your server, or you like to check your mail from home, you must select the second option, which then makes you an open relay. Bummer! Fortunately, there is a way around this. First, you must have applied Exchange Server 5.5 Service Pack 1. This adds an extra button to this screen called "Routing Restrictions". From here you can specify that you will allow relaying only for certain folks. You can accept traffic from a specific network if you have its IP address. Normally, though, you will simply tell it to allow relaying from users that are authenticated in your system. That means they have a valid user name and password.

This will allow your home users, whose IP address likely changes every time they log on to the Internet, to send e-mail through your server. However, they also need to do a little extra to configure their e-mail program so that they will be accepted by your server. If they are using Outlook or Outlook Express, they must configure their outgoing (SMTP) server settings. For example, I am using Outlook 2002. When I specify my SMTP server, a box is available for "More settings". This opens up the Internet E-mail Settings dialog box. Under the Outgoing Server tab is a check box for "My outgoing server (SMTP) requires authentication". This box must be checked if I want to send through my now secure e-mail server. Checking it also gives you access to several more options. Normally I choose "Use same settings as my incoming server". In this case, the system will use the same user name and password you supplied to get access to your incoming mail. You may also specify a different user name and password if that is appropriate. This works whether your server is running Exchange 5.5 or Exchange 2000.
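The relay decision behind the Routing tab choices described above can be written out as a small policy check. This is an added example, not Exchange's own code: it is a simplified model, and the class, function names, domains and IP addresses are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

LOCAL_DOMAINS = {"example.org"}   # constructed: domains this server hosts mail for

@dataclass
class RoutingPolicy:
    reroute: bool                      # "Reroute incoming SMTP mail" selected
    restrict: bool = False             # "Routing Restrictions" applied
    allow_authenticated: bool = False  # relay for users with a valid name/password
    allowed_networks: list = field(default_factory=list)  # trusted networks (CIDR)

def accepts(policy, client_ip, authenticated, rcpt):
    """Return True if the modelled server takes a message for rcpt from this client."""
    domain = rcpt.rsplit("@", 1)[-1].lower()
    if domain in LOCAL_DOMAINS:
        return True    # inbound mail for our own users is delivered, not relayed
    if not policy.reroute:
        return False   # "Do not reroute": nothing is relayed to outside domains
    if not policy.restrict:
        return True    # rerouting with no restrictions: an open relay
    if policy.allow_authenticated and authenticated:
        return True    # roaming user who logged in, whatever their IP address
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(net) for net in policy.allowed_networks)

def is_open_relay(policy):
    """An unauthenticated stranger mailing an outside domain must be refused."""
    return accepts(policy, "203.0.113.50", False, "someone@example.net")

# The three configurations discussed in the article (constructed values).
OPEN = RoutingPolicy(reroute=True)
CLOSED = RoutingPolicy(reroute=False)
RESTRICTED = RoutingPolicy(reroute=True, restrict=True, allow_authenticated=True,
                           allowed_networks=["192.0.2.0/24"])

if __name__ == "__main__":
    for name, policy in [("open", OPEN), ("closed", CLOSED), ("restricted", RESTRICTED)]:
        home_user = accepts(policy, "198.51.100.7", True, "friend@example.net")
        print(f"{name:10} open_relay={is_open_relay(policy)} home_user_can_send={home_user}")
```

Only the restricted policy both refuses the stranger and still lets the authenticated home user send.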

Once you get your server properly configured, then you must contact the black hole list managers and ask them to take you off their list. Be warned. They don't take your word for it. They will test your system extensively to be sure. It can take many days to get off a list and there are several of them. It's best to not get on a list in the first place.

This page prepared by:

Brian Smither

Copyright © 2002 Sacramento PC Users Group, Inc. All rights reserved.