FTC and International Agencies Announce Operation Secure Your Server

The United States Federal Trade Commission and 36 additional agencies in 26 countries today announced “Operation Secure Your Server,” an international effort to reduce the flow of unsolicited commercial e-mail by urging organizations to close “open relays” and “open proxies.” As part of the initiative, the participating agencies have identified tens of thousands of owners or operators of potentially open relay or open proxy servers around the world, and the agencies are sending letters urging the owners and operators to protect themselves from becoming unwitting sources of spam.

Open relays and open proxies are servers that allow any computer in the world to “bounce” or route e-mail through servers of other organizations, thereby disguising the real origin of the e-mail. Spammers often abuse these servers to flood the Internet with unwanted e-mail. Their abuses not only overload servers, but also could damage an unwitting business’ reputation if it appears that the business sent the spam.

“Operation Secure Your Server” provides businesses with simple, inexpensive ways to protect their computer systems from misuse. The FTC suggests that businesses consider these questions to determine whether their proxy servers are vulnerable:

• Does your proxy allow connections from untrusted networks such as the Internet?
• Are you using the most current version of your proxy software and hardware?
• Have you applied the latest available patches or upgrades?
• Are you using proper access controls for your server?
• Is someone regularly checking for unauthorized uses of your proxy server?
• Do you have and monitor an “abuse@<yourdomain>” e-mail account where people can report abuses of your proxy server?

“International cooperation is going to play an important role in combating spam, as this project clearly demonstrates,” said Howard Beales, Director of the FTC’s Bureau of Consumer Protection.

Moreover, “government cannot solve the spam problem on its own; everyone with an Internet connection must do their part to make sure that they are part of the solution and not part of the problem.”

The FTC has created a Web page, www.ftc.gov/secureyourserver, that contains information for businesses on how to protect themselves from becoming unwitting distributors of spam. In addition to the agencies’ letter, which is available in 21 languages, the site contains business education and links to other resources.

The FTC and agencies in Albania, Argentina, Australia, Canada, Brazil, Bulgaria, Canada, Chile, Colombia, Denmark, Ecuador, Finland, Hungary, Jamaica, Japan, Lithuania, Norway, Panama, Peru, Romania, Serbia, Singapore, South Korea, Switzerland, Taiwan, and the United Kingdom are sponsoring this initiative.

This year’s “Operation Secure Your Server” follows on the heels of last year’s campaign against open relays, when the FTC and participating national and international agencies identified businesses with potential open relays, urged them to close the relays, and sent information on how to do so.

The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint, or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1 877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.