The Lumber Cartel, local 42 (Canadian branch)
 
 

Library - Running a clean system

If you would like to contribute some information, please let us know.

Operating eMail systems is a very important responsibility that requires, at minimum, a basic understanding of internet security, ethics and morals, consent, and privacy, balanced with the needs of users.

A "clean system" here refers to an eMail server that is not used to abuse other systems on the internet, especially for the proliferation of spam.

Internet security

For systems that permit unauthorized access, it's not a matter of "if" they will be exploited, but "when."  Although no form of security can ever be as effective as disconnecting from the internet, many things can be done to prevent unauthorized access.  A few things to begin with are:

  1. Block all inbound connections for all services not being provided.  The easiest way to do this is to configure a modern firewall to simply block everything, and then open exceptions only for services being provided (typical configurations include HTTP, HTTPS, FTP, SMTP, POP3, IMAP4, DNS, and possibly SSH and ICMP).
     
  2. Never set up an open relay or open proxy.  Always support the most secure authentication mechanisms available (such as DIGEST-MD5 with SMTP Authentication) as the preferred mechanisms, and enable access logs (which should be monitored regularly for suspicious activity, starting with invalid login attempts).
     
  3. Block outbound TCP port 25 from clients who don't need it to prevent unauthorized eMail abuse directly from dynamic connections.  Most ISPs set up an SMTP relay internally, but mistakenly configure it as an open relay.  All eMail servers should be configured to require authentication to prevent anonymous eMail abuse from SpyWare or viruses that often infect computers used by nontechnical users, by spammers and dark hackers using unsecured wireless networks, and so on.
     
  4. Regularly check log files for suspicious activity.  This is one of the most overlooked areas in computing, and is one of the simplest security tools available.  Log files routed to /dev/null (effectively disabled) should be viewed as an indication that someone may not be paying attention to their systems.
     
  5. Only operate eMail lists that use a confirmed opt-in mechanism, and make absolutely no exceptions to this because unconfirmed eMail lists are regularly exploited by spammers.
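One way to implement the confirmed opt-in mechanism from item 5, as an added example (not code from this site): an address joins the list only after a signed, expiring token that was mailed to that address is returned.  The class, function names, secret key, and 7-day expiry are assumptions made for illustration.

```python
import hashlib
import hmac
import time

SECRET_KEY = b"constructed-demo-key"   # assumption: random per-server secret in practice
TOKEN_TTL = 7 * 24 * 3600              # assumption: confirmations expire after 7 days


def _sign(address, list_id, issued):
    msg = f"{list_id}\n{address.lower()}\n{issued}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def make_token(address, list_id, now=None):
    """Token mailed to the address itself; only its owner can return it."""
    issued = int(time.time() if now is None else now)
    return f"{issued}.{_sign(address, list_id, issued)}"


def token_valid(address, list_id, token, now=None):
    now = int(time.time() if now is None else now)
    try:
        issued_text, sig = token.split(".", 1)
        issued = int(issued_text)
    except ValueError:
        return False                    # malformed token
    if not 0 <= now - issued <= TOKEN_TTL:
        return False                    # expired or dated in the future
    expected = _sign(address, list_id, issued)
    return hmac.compare_digest(sig.encode(), expected.encode())


class MailingList:
    def __init__(self, list_id):
        self.list_id = list_id
        self.pending = set()            # requested, unconfirmed: never sent list traffic
        self.subscribers = set()        # confirmed by the address owner

    def request(self, address, now=None):
        self.pending.add(address.lower())
        return make_token(address, self.list_id, now)

    def confirm(self, address, token, now=None):
        addr = address.lower()
        if addr in self.pending and token_valid(addr, self.list_id, token, now):
            self.pending.discard(addr)
            self.subscribers.add(addr)
            return True
        return False
```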

This is not a comprehensive list; it is intended as a starting point.  A knowledgeable postmaster must have a basic understanding of internet security, which includes maintaining and altering firewall, eMail, and operating system configurations and updates in order to keep the system properly secured.
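The log review described in items 2 and 4, as an added example (not code from this site): it counts failed SMTP authentication attempts and refused relay attempts per source address, and reports an empty log as a finding in its own right.  The sample lines are constructed in the style of Postfix smtpd syslog output, and the threshold of 3 is an assumption.

```python
import re
from collections import Counter

# Constructed sample lines (documentation-range IP addresses), Postfix smtpd style.
SAMPLE_LOG = """\
Jan 10 03:12:01 mx1 postfix/smtpd[2211]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: authentication failure
Jan 10 03:12:04 mx1 postfix/smtpd[2211]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: authentication failure
Jan 10 03:12:09 mx1 postfix/smtpd[2211]: warning: unknown[203.0.113.7]: SASL PLAIN authentication failed: authentication failure
Jan 10 03:15:40 mx1 postfix/smtpd[2230]: warning: host.example.net[198.51.100.20]: SASL LOGIN authentication failed: authentication failure
Jan 10 03:16:02 mx1 postfix/smtpd[2230]: A1B2C3D4E5: client=host.example.net[198.51.100.20], sasl_method=LOGIN, sasl_username=alice
Jan 10 03:20:15 mx1 postfix/smtpd[2240]: NOQUEUE: reject: RCPT from unknown[192.0.2.44]: 554 5.7.1 <someone@example.org>: Relay access denied; from=<a@example.com> to=<someone@example.org> proto=ESMTP helo=<test>
Jan 10 03:20:19 mx1 postfix/smtpd[2240]: NOQUEUE: reject: RCPT from unknown[192.0.2.44]: 554 5.7.1 <other@example.org>: Relay access denied; from=<a@example.com> to=<other@example.org> proto=ESMTP helo=<test>
"""

AUTH_FAIL = re.compile(
    r"warning: \S+\[(?P<ip>[0-9a-fA-F.:]+)\]: SASL \S+ authentication failed")
RELAY_DENY = re.compile(
    r"reject: RCPT from \S+\[(?P<ip>[0-9a-fA-F.:]+)\]: .*Relay access denied")


def summarize(log_text, threshold=3):
    """Count failed logins and refused relay attempts per client address."""
    auth, relay = Counter(), Counter()
    for line in log_text.splitlines():
        match = AUTH_FAIL.search(line)
        if match:
            auth[match["ip"]] += 1
            continue
        match = RELAY_DENY.search(line)
        if match:
            relay[match["ip"]] += 1
    return {
        # An empty log on a live server suggests logging is disabled or misrouted.
        "log_empty": not log_text.strip(),
        "auth_failures": dict(auth),
        "relay_attempts": dict(relay),
        # Addresses at or above the threshold deserve a closer look.
        "flagged": sorted(ip for ip, n in auth.items() if n >= threshold),
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```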

Ethics and Morals

At the core of every society are ethical and moral standards.  When these standards are violated in a healthy society, the offender(s) will experience objections at various levels, and may even find themselves dealing with policing or other public authorities when the violations are very serious.  To maintain a healthy society, it is everyone's responsibility to object to unethical and immoral acts, and to report criminal activity to the appropriate public authorities, in order to discourage and stop it by making it clear that such behaviour is intolerable.

Failing to pay attention to well-known issues such as internet security, and particularly spam which is commonly used for the promotion of illegal activities (e.g., financial transaction fraud, stock scams, software piracy, child pornography, etc.), has the potential to lead to involuntary involvement in criminal activity for ISPs that sit idly by and do nothing about it.

The "not our problem because one of our customers sent it" attitude is a mistake for eMail server owners because it means they are unwilling to fix a problem that they know is occurring, and are thus in turn failing to protect society.  This and similar attitudes cause skeptics to wonder if such ISPs either are the spammer, or are in business with the spammer (both possibilities are undesirable).

Consent

Every eMail user is entitled to the right to "consent" to be on an eMail list.  Spammers routinely ignore this fundamental principle in their relentless quest for victims to exploit (often financially), using many approaches that typically involve scams and other forms of misinformation.

This right to consent is undeniable because the costs associated with the abusive theft-of-service activities routinely committed by spammers are unjust.  Some spammers contest this with arguments like "oh, but users pay a flat rate for unlimited internet access," which simply ignores the fact that these same flat rates could be much lower without spam since the customers are ultimately paying for everything (otherwise business would not be profitable).

When the right to consent is respected, users enjoy far better control over how their time is spent, and how their systems are used.

Privacy

A professional postmaster will always ask a user before accessing their mailbox.  The question should be simple and clear, and the user must affirm before the postmaster or other support staff accesses their eMail.

Strictly exercising a simple rule that all the contents of all users' mailboxes must always be considered as "confidential" and "private," and be protected as "top secret" information, and then enforcing policies to prevent these basic rules from being breached, will go a long way to gaining the trust of users.

Risk

Spammers put eMail systems at risk of being blocked from communicating with other systems on the internet, partly due to the valiant efforts of blacklist operators (listings in the more extreme blacklists that are typically not used for blocking should be interpreted as serious "early warning" indicators).  Considering the potential financial loss associated with losing paying customers, larger ISPs in particular have a lot to worry about if they allow spammers to continue to abuse the internet from the safety of their networks (such ISPs are considered spam-friendly and are often listed in multiple blacklists).

Postmasters who terminate the accounts of spammers sending junk eMail (and engaging in other forms of abuse) from their networks are reducing/eliminating the risk of having their systems blocked.

Although this may not prevent a system from ever being blacklisted, the immediate termination of spammer accounts and services is a positive contribution to the internet because, besides stopping spam output, it also sends a strong message to the spammers that their abusive acts are not tolerated.

Needs of users

Users are entitled to reliable service, such as sending eMail without having it blocked.  When an ISP fails to take the appropriate steps to prevent its systems from being blacklisted (by not terminating spammers immediately, failing to secure its networks competently, picking rotten upstream providers, etc.), it is failing to meet the needs of its users.

ISPs who encourage their users to complain to blacklist operators are doing them a disservice by purposefully misdirecting their dissatisfaction to an innocent third party.  The blacklist operators are not at fault for exercising their right to track sources of spam or other forms of abuse.  Once users realize that the system that blocked their eMail is simply acting in self-defence, they begin to doubt the credibility of their own ISP, and as more eMail is blocked at different destinations the user inevitably loses patience with their ISP and seeks an alternative.

Customers are absolutely right in their expectation that they can send eMail to another system without interference due to blacklisting.  ISPs that understand this, instead of merely pointing the finger, will take the spam problem seriously and clean up their own networks by terminating spammer accounts promptly.

 
 

Copyright © Inter-Corporate Computer & Network Services, Inc.  All rights reserved.
All trademarks are the property of their respective owners.