Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

What’s a Relay Server?

Question: I ran into a situation the other day where a friend’s email address was hijacked and used for sending spam. He was getting numerous bounce-back notices from mail he had not sent. Then his ability to send mail shut down. When we contacted the mail host, we were told that his account had exceeded the relay quota for the day and further that it couldn’t be reset manually but would reset naturally over the next day. What is a relay server and how is it different from the regular email server I use at my (different from my friend’s) host?

Generally, relaying has a very specific definition, but I’m not certain it applies in your case. Your email provider might be using it in a non-standard way.

Either way, relaying is a fundamental way that email travels from your outbox to your recipient’s inbox.

Become a Patron of Ask Leo! and go ad-free!

Email from me to you

Conceptually, email is very, very simple. I address a message on my computer or device and send it to you. You receive it on whatever device you use for email.

Basic mail transfer - point A to point B

My mail server (askleo.com in this case) sends it to your mail server (randomisp.com in the example above), from which you can retrieve it.

While it wasn’t always so, I’d venture to say that well over 95% of email is sent this directly: sender’s mail server to recipient’s mail server.

Mail relay: example

Email need not be routed directly. It’s possible for an intermediary server to be involved.

Simple email relay

In this example, rather than sending the mail directly to you, the originating server (askleo.com) delivers it to a third-party intermediate server (“somerandomservice.com”). Once the delivery is complete, that middleman server delivers the message to your mail server.

That middle server has relayed the message by passing it on to its destination. There’s no limit to the number of intermediate servers that could be used. My email to you could be relayed through dozens of servers, if need be.

It’s rarely needed today, but when the email system was originally developed, the concept of relaying was required because there was no way to guarantee that a server like ask leo.com could connect directly to randomisp.com.

These days, relaying is often a side effect of how sites and servers are deployed. For example, several servers might share a common intermediary server for email delivery through which all outgoing email is routed.1

Mail relay: definition

If a server receives an email for a domain that it hosts — such as my askleo.com server receiving email for leo@askleo.com — it need do nothing other than deliver that email to my inbox.

On the other hand, if a server receives an email for an email address on a domain (like randomisp.com) that does not reside on that server, it has two choices:

  • Bounce or ignore the email: “I don’t handle email for randomisp.com.”
  • Pass the message along to the real randomisp.com server.

Servers that make the second choice are called relay servers.

The open relay: a spammer’s dream

Let’s say you’re a spammer and you want to send email to lots and lots of people. You can:

  • Send that email directly to each email address’s server. You’ll quickly be identified as a source of spam and blocked.
  • Sent that email to a relay server that accepts incoming email from anyone and send it to anyone — what’s called an open relay.

As long as that open relay fails to block you, you can send as much email as you like to anyone you like.

Needless to say, open relays are a bad thing. The correct configuration insists that either of two conditions be met:

  • The incoming email is destined for an email address on the server. So, for example, the askleo.com email server will accept email from anyone as long as the email is being sent To: an askleo.com email address.

Or

  • The server asking to relay email must itself be authorized to do so. This is usually done by having some kind of email administration account the server uses to log in to the relay server.

In effect, a well-configured mail server will say, “If the email’s not for someone on this server, and I have no idea who you are, you can’t send. Go away.”

Technically a relay, but not usually called one

If we look a little closer at the simple case we started with, we see it’s a little more complicated than we originally envisioned. If I send you an email:

Email from My PC to Yours

 

My PC, running a desktop email program like Microsoft Office Outlook or Thunderbird (not a webmail interface in your browser), sends the email to the askleo.com email server, which sends it to the destination mail server, randomisp.com. The next time you load your desktop email program, the message is copied or downloaded to your PC.

In a sense, each email server acts as a type of relay. In the first step, askleo.com relays my message between my PC and your email service, and in the second step, randomisp.com’s email service is relaying incoming email from askeo.com to your PC.

Technically, we don’t refer to this as relaying, even though it kind of is. The term generally refers to email-server-to-email-server relaying, without consideration of the PCs at either end.

However, this looser interpretation of relaying is the only explanation I can come up with for your email provider’s choice of words: that the “account had exceeded the relay quota for the day”. That such quotas might exist is nothing new — it’s one more thing we can blame on spammers having made necessary, for exactly the reasons your friend encountered. Rate limits or quotas are one way that ISPs limit the damage — i.e. spam — from such a situation. What’s odd is the choice of terms. Normally, it’s simply referred to as a sending quota, not a relay quota.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Podcast audio

Play

Video Narration

Footnotes & references

1: Coincidentally, this is how email sent by askleo.com is routed: through a third party service that specializes in email delivery.

5 comments on “What’s a Relay Server?”

  1. This isn’t the same thing but open relays remind me of when I started using email in the mid-nineties. To send an email over an SMTP server, it didn’t require any authorization. Anyone could send email through any SMTP server. Spammers had a field day with that and eventually SMTP servers were no longer “SIMPLE” Mail Transfer Protocol. They became more complex. They began requiring account verification methods like Receive Before Send or logging on the the SMTP server.

    Reply
  2. I’ve often wondered why a tiny charge is not made for each email – say a fraction of a penny. This would minimally affect most legitimate email senders: I only send a dozen a day and could afford that. Commercial senders presumably send mail because it brings a return. However a spammer sending millions of mails will be hit by a significant charge that hopefully wipes out the profit from the few obliviots that respond.

    Of course sites such as yours which are largely free would suddenly have to charge. I wonder if it would stack up.

    Reply
    • While appealing, there are a lot of reasons — both practical and philosophical — why this will never happen. And yes, depending on the specific charge it could put sites like Ask Leo! out of business. (I send hundreds of thousands of emails each month.)

      Reply
    • I’d expect spammers to find a way around this, similar to faking the from and reply to field…
      Skip the fee and shove it down the throat of some unfortunate soul.

      Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.