The Federal Trade Commission (FTC) has identified more than a million IP addresses that provide open proxy or open relay servers, which spammers can tap to hide their identities.

The FTC and 36 other government agencies from 26 countries have launched 'operation secure your server'.

The effort calls for the agencies to send email to owners of tens of thousands of servers, asking them to check their server configuration for possible open relays or open proxies. operation secure your server will direct the owners to information on how to inexpensively check servers and close the openings.

"We're certain that a lot of people we're going to contact are not aware of the problem," says Don Blumenthal, coordinator of the FTC internet lab. "It's a significant problem."

Wrong address
An open proxy or relay is one way a spammer can co-op another server address when sending unsolicited email. Sometimes a bulk mailer just provides a false return address as part of the mass mailing.

Identifying and taking advantage of open relays is also a favourite tactic of some viruses and worms. Some people suspected that last summer's Sobig virus was dispatched by purveyors of bulk email.

The FTC email sent to server owners will direct them to the secure your server website, which tells how businesses can fix vulnerabilities. The FTC's website provides more information on closing holes. The FTC will send the email for at least a couple of weeks, Blumenthal says.

The message, being sent in 21 languages to server operators around the world, explains that "open relays and open proxies are servers that allow any computer in the world to bounce or route email through them to other internet mail addresses.

"Open relays and open proxies are often exploited by people who flood the internet with spam. This abuse creates problems for consumers worldwide, as well as for law enforcement and your organization."

Related links:
FTC secure your server