---------------------------- MAIL SERVER SOFTWARE UPGRADE ---------------------------- Last weekend I installed a new version of "sendmail", our SMTP server software. This is the software that handles most of the e-mail delivery chores on our system. I've spent the past week learning the new version's new features and capabilities and poking and prodding its configuration files to tune sendmail to our needs. Most of the changes in the new sendmail are bug fixes, security patches and performance enhancements, but there is one very significant change you should know about. I'm sure you've all heard the term "spam", even if you've never received any. It refers to unsolicited (and usually unwanted) e-mail sent to thousands of recipients at a time by "spammers" (e-mail mass marketers). It clogs our e-mailboxes, bogs down our mail servers, eats up our network and Internet connection bandwidth, and is almost universally despised. The new sendmail provides two weapons in the fight against spam: o It allows us to block mail from known spammer domains (cyberpromo.com, for example) and from known individual e-mail addresses associated with spam. This will not completely stop spam from reaching your e-mailbox, but it should help to reduce the volume of spam considerably. o It allows us to block spammers from using our server as a mail relay. This won't affect the amount of spam you get in your e-mailbox, but it will eliminate the considerable load on our server caused by spammers using us as a relay. Most mail handled by a mail server is either from a local sender to a remote recipient or from a remote sender to a local recipient. Mail relaying, on the other hand, is where mail is sent from a remote sender to a mail server, and from there to a remote recipient (or multiple remote recipients). Until a year or so ago there wasn't much reason to worry about this. There were (and still are) valid reasons for relaying, and abuse was uncommon. Relaying was considered a legitimate mail delivery function in the wide open Internet of the time. Then along came the e-mail mass marketers, popularly known as spammers. Spammers have always been considered an undesirable element on the Internet. People who receive spam are quick to complain, and reputable providers are quick to cancel accounts of people who send spam. The spammers discovered that relaying could help them to hide their identities and keep them out of trouble with their own local providers. Because of this the use - without permission - of mail servers as relays has increased rapidly and has become a major problem. Over the past few months hundreds of thousands of spam messages have been relayed through BCPL's mail server. This imposes a terrible load on the server, on our network, and on our connection to the rest of the Internet. The new sendmail's ability to prevent relaying stops this abuse dead in its tracks. Our mail server will now deliver mail from a BCPL sender to a non-BCPL recipient, or from a non-BCPL sender to a BCPL recipient, but it will no longer relay mail from a non-BCPL senders to non-BCPL recipients. The spammers can no longer use us as a relay. That's the good news. The bad news is that it may cause problems for a small number of BCPL account holders. Do you make PPP connections via another provider? Do you have direct network access at school or work? If either is true, while using that non-BCPL connection do you use BCPL's mail server to send mail to non-BCPL recipients? This is a relay, so it will no longer work. There is no practical way to make exceptions, because there is no practical way to distinguish between "good relays" and "bad relays". Relaying is either enabled or disabled, and it has to be disabled if we are to keep the spammers from abusing our mail server. If you find yourself in this situation, here is a simple workaround. Mail programs designed to work over network or PPP connections actually interact with two different kinds of mail servers: One to send your outgoing mail, the other to collect your incoming mail. o An SMTP server. This is the mail server to which your PC or Mac mail program sends your outgoing mail. Always set that address to point at a mail server belonging to the network or ISP through which you are accessing the Internet. For example, if you are using a PPP connection to Erol's, you should use Erol's SMTP server address, not BCPL's. If you are using a networked computer at your desk at Widgets R Us, Inc., then you should use the Widgets R Us SMTP server. o A POP3 server. This is the mail server from which your Mac or PC mail program collects your incoming mail. If you want to collect your BCPL mail, use BCPL's POP3 server's address (mail.bcpl.lib.md.us) even if your PPP or network connection is via someone else. Most POP3 servers (including BCPL's) will allow access from anywhere as long as you have a valid login name and password. POP3 server software is independent of sendmail, so sendmail's restrictions do not apply when you are collecting your mail. We are one of the last providers in the area to disable mail relaying. Almost everyone else did it long ago. The same is happening all over the world. Thanks to the spammers, unrestricted mail relaying has become a thing of the past. Sad to say, the whole Internet is becoming more restrictive every day, primarily in reaction to the rapidly increasing number of abusers - the spammers, hackers, crackers, and others of their ilk. Whether we like it or not, the good old days of unrestricted access are over. ------------------------------------------------------------------- If you have questions about this, or about anything else related to your BCPL Internet Account, please contact the BCPL Help Desk. Phone: 410-887-3297 FAX: 410-887-2091 E-Mail: help@mail.bcpl.lib.md.us Help Pages: http://www.bcpl.lib.md.us/help.html (or enter "help" at the UNIX shell prompt) System News Archives: http://www.bcpl.lib.md.us/sysnews.html (or enter "sysnews" at the UNIX shell prompt)