UNIVERSITY COMPUTER CENTER (UCC)
Correspondence No. DDD00091
INFORMATIONAL ITEM: November 3, 1998
Third-Party Mail Relay
ATTENTION: Deans, Directors, Department Heads, and Other Interested Parties
The University Computer Center (UCC), and other University of Connecticut organizations supporting e-mail, have recently taken steps to reduce the abuse and exposure of the University's e-mail systems to third-party mail relaying. These steps are necessary if we are to be taken off the lists which block the delivery of our mail to some sites. Additional steps will be taken in the near future to further secure university e-mail systems from abuse. A policy was adopted by the above group to alleviate the existing problem and prevent future problems.
The policy adopted by the group reduces the risk that a UConn mail server will be added to lists used by some sites to block mail. It will also allow us to have existing mail servers removed from this list. The policy adopted is that a mail server may only allow mail relaying if the user is on the UConn network. For more details, see:
http://www.ucc.uconn.edu/relay.html
If any UConn mail server does not conform to this policy, it will be prevented from sending mail to other mail servers on the UConn network that do conform to the policy. The result will be that users on the non-conforming mail server will be unable to communicate with users on other UConn mail servers. Please ensure that your mail server administrator sees this communication.
Third-party mail relaying occurs when a UConn mail server allows an external user's (external to UConn) e-mail client to send mail to a UConn mail server for processing and delivery to a user who is not on that mail server. In such a case, the UConn mail server allows non-UConn individuals on the Internet to send e-mail through UConn to a non-UConn e-mail address. This is a misuse of UConn-funded resources and can interfere with the legitimate work of UConn students and employees. Mail relaying is often used to send spam.
Spam is unsolicited mail sent to a number of e-mail addresses, usually to solicit business. It is not only annoying or offensive, but can also be harmful to the e-mail system by flooding the mail queue of the mail server or of an individual user. By using a mail relay, a spammer tries to hide the true source of the spam. By spoofing (using a false or fake e-mail address), the spammer hides the true e-mail address from which the spam was sent.
A greater problem is mail relaying which results in UConn e-mail users being unable to communicate with certain Internet users. Mail servers at some organizations will not accept mail from any mail server which allows mail relaying. Lists such as the Open Relay Blocking System (ORBS) list and the Mail Abuse Protection System (MAPS) Realtime Blackhole List (RBL) identify servers which allow relaying. Two UConn mail servers are known to be on the ORB list.
An excellent source of information on this problem is located at:
Those who have a non-UConn ISP should use the ISP's mail server to send their outgoing mail. Attempts to use a UConn mail host from an external ISP will result in an error message and non-delivery of the outgoing mail. This situation applies only to those who currently use a non-UConn ISP and have configured their mail client to use a UConn mail server (e.g., uconnvm.uconn.edu) to get outgoing mail service for mail they wish to send to others at UConn or on the Internet.
If you should have questions, please contact the Computer Center Help Desk at 486-4357/HELP.
This communication and other informational mailings to Deans, Directors, and Department Heads are viewable on the Computer Center "Policies" Web page at the following address:
http://www.ucc.uconn.edu/uccpols.html
By: Malcolm L. Toedt, Executive Director