Businesses have been warned to check the configuration of their Microsoft Exchange e-mail software after it came to light that a software setting can allow users' accounts to be exploited as a route for mass spam e-mail campaigns.
The problem was highlighted when customers of ISP Demon were used as relays for unsolicited e-mail.
The setting is found in Exchange versions 5.0, 5.5 and 2000. With relay switched on it will allow mail to be forwarded to any other account, without restriction.
MS Exchange Server 5.5 Service Pack 1 and Exchange 2000 address the problem by allowing users to set restrictions on IP addresses allowed to relay mail.
Spammers use robot software to locate vulnerable e-mail software and use it as a route onto the Internet. This can disrupt commercial networks and the Internet.
Ewan Dalton, architectural systems engineer at Microsoft UK, said, "Microsoft tries to make software as easy to use as possible but when that software is deployed on the Internet, additional care needs to be taken in ensuring that it is configured appropriately and that relevant security measures are in place."