skip to main content

Messaging Services

SMTP Relay History

Prior to 1998, SMTP was completely open through the firewall and any machine capable of accepting SMTP had nothing between it and the internet at large.

When spammers and other mail server abusers began identifying and using open-relays to handle their out-going mail queues for them, Texas A&M started receiving many complaints from the end recipients of the unwanted mail. In some cases an open-relay server on campus was then sending its outgoing through Texas A&M IT mail servers causing end-sites to begin blocking Texas A&M IT mail machines and threaten legal action.

At the time, there were nearly 5,000 mail servers on campus that would individually pop up as an abused open-relay, to be manually closed at the firewall after a problem appeared. After months of attempting to deal with the problem in that manner, it became obvious that a more encompassing approach would have to be made.

The answer was a combination of systems being put into place that could securely handle the entire mail load of Texas A&M University, add DNS entries so that the new servers could forward for all hosts in the network, and block SMTP for all hosts at the firewall.

A similar watershed event took place in 2002 with the outbreak of certain e-mail viruses. Since a major vector of transmission is email and the current state of desktop and small-server virus scanning was not stopping them, it was deemed necessary to add virus scanning to the SMTP relay infrastructure. At the same time, the software could perform checks for spam, so potential spam messages were tagged, but no blocking was performed based on the spam scan due to the subjective nature of spam.

In August 2009, both the and complexes were moved to IronPort mail relay appliances. Changes were also made in the anti-virus and anti-spam software. Previously, the relays used anti-virus software by the ClamAV project and anti-spam software by the Apache SpamAssassin project. With the migration to the IronPorts, the relays use Sophos anti-virus software and the IronPort proprietary anti-spam engine. The handling of spam was also modified to discard spam with a score greater than 90 and quarantine spam with a score between 50 and 90.

The IronPort appliances were very effective at reducing the amount of spam reaching campus, but were less effective at fighting phishing emails. To address this issue, the IronPort appliances were replaced with Proofpoint appliances in May 2014. The Proofpoint appliances use F-Secure anti-virus software and Proofpoint proprietary anti-spam and anti-phishing software.