Open mail relay

[2] Filtering and speed of e-mail delivery were not priorities at that time and in any case the government and educational servers that were initially on the Internet were covered by a federal edict forbidding the transfer of commercial messages.

[7] While this greatly reduced the bandwidth requirements for spammers at a time when Internet connections were limited, it forced each spam to be an exact copy and thus easier to detect.

The exact copy nature of spam using open relays made it easy to create bulk e-mail detection systems such as Vipul's Razor and the Distributed Checksum Clearinghouse.

To counter this, spammers were forced to switch to using hash busters to make them less effective and the advantage of using open relays was removed since every copy of spam was "unique" and had to be sent individually.

The Internet Engineering Task Force (IETF) has written a best current practices covering Email Submission Operations in RFC 5068.

Note that the above only becomes an issue if the user wishes to (or has to) continue to send e-mail remotely, using the same SMTP server which they were previously accessing locally.

[15] In order not to be considered "open", an e-mail relay should be secure and configured to accept and forward only the following messages (details will vary from system to system — in particular, further restrictions may well apply):[16] In particular, a properly secured SMTP mail relay should not accept and forward arbitrary e-mails from non-local IP addresses to non-local mailboxes by an unauthenticated or unauthorized user.

The number of clients under spammers' control is now so great that previous anti-spam countermeasures that focused on closing open relays are no longer effective.

Mail relay diagram