Forwarding mail off of our servers doesn't work and here's why.

By forwarding mail off of a server, the server acts as a middle man, and all messages forwarded from a server on to their destination will appear to come from the server from which they were forwarded. This includes spam messages that are sent to the forwarded addresses.

In their unrelenting efforts to stop spam, the ISPs (Internet Service Providers--i.e. Earthlink, AOL, Comcast, etc.) bounce any and all messages they determine to be spam and return them to the last server they came from.

When you receive a spam message sent to an e-mail address that uses a forwarder, the spam message is sent from the Internet to our server. The mail servers for our nameservers then forward the e-mail message to the remote SMTP server of wherever you have your forwarder set up to go.

So far in our illustration, everything is working just the way the designers of SMTP (Simple Mail Transfer Protocol) intended it to work. However, they reckoned without the devious minds of folks who prefer to abuse rather than use e-mail. When a spammer sends a spam message he usually uses a fake e-mail address. This is because the spammer does not want to receive the bounced messages and does not want to identify himself as the sender of one of those universally loathed messages.

If we were to allow forwarders to work on our servers, when a spammer sent his message to an actual e-mail account set up on one of our servers, our mail servers would check to see what to do with the message. If a forwarder had been set up for that e-mail address, the e-mail would be forwarded to the remote SMTP server. So, when the remote SMTP server rejected the e-mail because it believes it to be spam, the message would then be sent back to our server where a discard message is created. Our server would try to send this discarded message back to the original sender, but that message will never go out because the original sender (the spammer) used a return e-mail address that does not exist. Because the message can never be sent back to the original sender, the message would just sit in our mail queue, trying to be sent. This has the effect of filling up our mail queue. A very bad scenario for all of us.

In addition, when an ISP receives spam messages from a server, they can choose to block the server that it last came from even though the spam messages did NOT originate from the server they decide to block. This is known as "blacklisting."

The only solution for us all is to not allow forwarders unless the forwarder is an internal one -- one in which the e-mail is forwarded only to another account residing on our server. This is also known as an alias.

For more information about setting up POP3 e-mail accounts on our server, please see this knowledgebase and our tutorials.

Add to Favourites

Print this Article