Open-relay
It is understood as open relay ('open relay' in English) an SMTP server configured in such a way that it allows any Internet user to use it to send email through it, not just mail destined for or coming from known users. This used to be the default setting on many mail servers; in fact, it was the way the Internet was originally created, but open mail relays have become unpopular due to their exploitation by spammers and worms. Many relays were shut down or blacklisted by other servers.
History and technology
Until the 1990s, mail servers were commonly configured as open relays intentionally; this configuration was also often the default installation configuration on UNIX systems. The traditional store-and-forward method of transmitting an email message to its destination required it to be passed from one computer to another (through and over beyond the Internet) via telephone modems. For many of those early networks, such as UUCPNET, FidoNet, and Bitnet, lists of machines that were open relays were a critical part of those networks. Email message filtering and email delivery speed were not priorities at all. At that time and in any case, the government and educational servers that started the Internet were covered by a federal decree that prohibits the transfer of commercial messages. RFC
Abuse by spammers
In the mid-1990s, with the rise of spam, spammers resorted to sending their email through third-party servers to avoid detection and exploiting the additional resources of these open servers. Spammers would send an email to the open relay and (effectively) include a large bcc list, then the open relay would broadcast the spam to the entire list. While this greatly reduced bandwidth needs for spammers, spammers at a time when Internet connections were limited, forced each spam to be an exact copy and therefore easier to detect. After abuse by spammers became widespread, the operation of an open relay became frowned upon by most Internet server administrators and other major users. RFC 2505 and RFC 5321 (defining SMTP) recommend that there be no open broadcasts. The exact copy nature of spam using open relays made it easy to create bulk email detection systems, such as Vipul's Razor and the Distributed Checksum Clearinghouse. To counter this, spammers were forced to start using hash cheats to make them less effective, and the advantage of using open relays was lost, as each copy of the spam was 'unique'. and had to be sent individually.
Since open mail relays make no effort to authenticate the sender of an email, they are vulnerable to address spoofing.
Anti-spam Efforts
Many Internet Service Providers use DNSBLs (DNS-based Block Lists) to reject open relay mail. Once a mail server is detected or reported as allowing third parties to send mail through it, they will be added to one or more such lists, and any mail coming from them will be rejected by other mail servers using those lists. those sites. The relay need not actually be used to blacklist spam: instead it can be blacklisted after a simple test that only confirms open access.
This trend reduces the percentage of mail senders who were open relays from 90% to less than 1% over several years. This led spammers to adopt other techniques, such as the use of spam botnets. zombie computers to send spam.
One of the consequences of the new unacceptability of open relays was an inconvenience to some end users and some Internet service providers. To allow customers to use their email addresses on Internet sites other than company systems (for example, at school or at work), many mail sites explicitly allow open relay so customers can send mail. email through the ISP from anywhere. When the use of open relays became unacceptable due to abuse (and unusable due to blocking of open relays), Internet providers and other sites had to adopt new protocols to allow remote users to send mail. These include smart hosts, SMTP-AUTH, POP before SMTP, and the use of virtual private networks (VPNs). The IETF has written current best practices covering Send Email Operations in RFC 5068.
Note that this only becomes a problem if the user wants (or has to) continue sending email remotely, using the same SMTP server they were previously accessing locally. If they have valid access to another SMTP server from your new remote location, then you will usually be able to use that new server to send email as if it were from your old address, even when this server is secured. (Though this may involve some reconfiguration of the user's email client which may not be entirely straightforward.)
The Can Spam Act of 2003 makes it illegal to send spam through an open relay in the United States, but does not contain any provision regarding sending personal email through them, or otherwise to its operation, although the effectiveness of the act has been questioned.
Modern proponents
The most famous open relay operating today is probably that of John Gilmore, who argues that keeping a broadcast open is a matter of free speech. Your server is included in many open relay blacklists (many of which are generated by "auto-detect" i.e. anti-spam blacklists that send a test email to other servers for see if they will be transmitted). These measures cause much of your outgoing email to be blocked. Coupled with your deliberate configuration of this server, open relay allows people to send email messages without their IP address being directly visible to the recipient and therefore both send an email anonymously. In 2002, his open relay, along with 24 others, was used by a computer worm to spread.
John Gilmore and other advocates of open broadcasting say they don't support spam, but see a bigger threat in attempts to limit the capabilities of the Web that could block the evolution of new, next-generation technologies. They compare the restrictions on network communication with the restrictions that some phone companies tried to place on their lines in the past, which prevented the transfer of data instead of just voice.