|Q1.||What is an Open Relay?|
|Q2.||What is an Open Proxy?|
|Q3.||Why are Open Relays and Open Proxies bad for the Internet?|
|Q4.||Why are Open Relays and Open Proxies bad for the Owner?|
|Q5.||What is JARING policy with regards to Open Relays and Open Proxies?|
A1: One of the main functions of e-mail servers is "relaying": sending e-mail on behalf of its users. For example, in a typical organisation, all staff desktops are configured to use the organisation's own e-mail server to send all outgoing e-mail. The organisation's e-mail server then 'relays' staff e-mails to their intended destinations, anywhere in the Internet.
An "Open Relay" is an e-mail server configured (often misconfigured) to indiscriminately relay any e-mails from anyone in the Internet, to anyone in the Internet.
A2: Another common facility in a typical organisation is a proxy server, which connects to the Internet on behalf of its users, either for Internet connection sharing, web caching, or organisational policy enforcements. Typically, all staff desktops are configured, either directly ot transparently in the organisation's Internet gateway, to connect to the Internet via the organisation's own proxy server. The organisation's proxy server then connects on behalf of the staff, to any intended destinations, anywhere in the Internet.
An "Open Proxy" is a proxy server configured (often misconfigured) to indiscriminately accept connections from anyone, anywhere in the Internet, and connect to any resource in the Internet on their behalf.
A3: Please refer to JARING Acceptable Use Policy (AUP) for definitions of "Spammers" and "Spam". Typical Spammer's modus operandi is as follows:-
1. Get cheap, identity-less, "throwaway" accounts with ISP (e.g. dial-up account via prepaid packages), so that termination of these accounts do not affect them operationally or even legally.
2. Regularly scan the Internet for new valid e-mail addresses via dictionary attacks, or new Open Relay / Open Proxy servers via network scanners. (These resources are either maintained and sold by another party, or shared among the Spammer rings).
3. Spammer makes use of these resources to send Spam to potentially millions of addresses in a short amount of time, rendering E-mail close to unusable for its recipients.
A4: Possible repercussions for the owner(s) of servers with an Open Relay or Open Proxy include but not limited to the following:-
1. Get accused of assisting the Spammers, or being negligent, i.e. allowing their resources to be integral part of Spam operations.
2. Their mail servers, which they may rely on for their own important communications, get bogged down sending the Spammer's E-mail.
3. Many sites (including JARING) block all E-mail from known Open Relays, which means legitimate mail flowing through these servers will end up being blocked by remote sites trying to protect themselves from the flow of Spam.
4. If the owner of an Open Relay or Open Proxy is billed for their traffic, they may end up paying a considerable financial penalty for inadvertently forwarding mail for Spammers.
A5: Spam is a violation of JARING Acceptable Use Policy (AUP), and as described in the AUP, are not allowed to propagate through JARING network regardless of their origin or their intended destinations. Enforcements of this policy, specific to Open Relays and Open Proxies, are as follows:-
1. JARING Customers Running Open Relays and Open Proxies
Customers who fall into this category, both knowingly or unknowingly, are in direct violation of the AUP. They are responsible for disabling the Open Relay / Open Relay setup in their servers as soon as possible. Failure to comply in a timely manner may result in escalated actions as described in the AUP Section 5: VIOLATIONS.
2. All Other Internet Users Running Open Relays and Open Proxies
Although these users are outside of JARING's jurisdiction, JARING still has a right to enforce measures for blocking any traffic originating from these users from coming into JARING's networks. One example of such measures is the use of public lists of known Open Relays and Open Proxies, namely the "Distributed Server Boycott List" (DSBL: http://dsbl.org), and Spamhaus XBL (http://www.spamhaus.org/xbl/index.lasso). JARING's method of usage is as follows:-
2.1. Up-to-date lists are downloaded on a daily basis from DSBL and XBL
2.2. Each Internet host trying to deliver e-mail to JARING customers are checked against this list. If one host's IP address is enlisted in the DSBL list, the e-mail is rejected with the following bounce message sent back to the sender:-
"50 Mail from a.b.c.d rejected, see http://openrbl.org/?a.b.c.d"
More information on this and other bounce messages, and ways to fix the situation, can be found in JARING Anti-Spam Policy.
If you have a question about Open Relays not addressed by this FAQ (not regarding help securing a specific server), please E-mail email@example.com.
References:-  JARING Acceptable Use Policy (AUP)  JARING Antispam Policy