server protection mechanisms (anti-relaying)
While POP3- and IMAP4-Servers manage the access on the postboxes, SMTP-Servers
have to submit and distribute the messages. This function is called mail relay.
But, unfortunately, they also enable spammers to distribute their messages.
The most important task of a SMTP-Server is to collect an incoming message, contact the DNS Server and relay it to the next SMTP-Server the message is dedicated to and where the user's postbox is hosted. Problems are uprising, when the SMTP-Server gets a large amount of spam mails. This produces not only lots of transfer MBs, it is also administrative- and cost-intensive. In addition to this facts, the rrecipients believe, that the mails are coming from this server.
The easiest way to secure the server, is to implement filter mechanisms to reject such messages. The filters allow the administrator to exclude IPs and even whole domains. A more reliable method is to check the messages' MX-entry. Mails will be only relayed, if they come from an locally registered user and if the number of recipients does not exceed a certain amount. In combination with a good logging system the server administrator decides which messages may and which messages may not be relayed.
Only quite new Mail-Servers products offer good Anti-Spam functions, one good example for Windows NT is the MERCUR Server (http://www.atrium.de/). On Linux and Unix Systems the very common SMTP-Server "Sendmail" (http://www.sendmail.org/) offers good protection mechanisms against spam.
If the Mail-Server does not support filter functions, add-ons such as "Mailshield" (http://www.mailshield.com/) are available. MailShield is a general purpose Internet mail filtering tool. It can be used to block junk mail, prohibit mail relaying, diffuse mail bomb attacks, and other mail filtering tasks. MailShield works by accepting mail on behalf of your regular mail server. The mail that is acceptable is automatically forwarded to your mail server for regular delivery. The mail which is unacceptable is refused by MailShield. You can also have MailShield redirect, tag or rewrite mail that is being delivered. MailShield also has a backup mechanism so that all rejected mail can be saved to a separate email account or to a separate mail server.