Every IT admin is familiar with the term Smarthost or Proxy server; it is a safety mechanism which is used to protect the integrity of your local data so that it is not being exploited to the Internet. It is common practice now that all email servers route outgoing mail through a Smarthost for protection, so why would anyone compromise this security. Well there are a number of reasons why IT admins would use this approach and the Cons clearly outweigh the Pros.
The reasons may include:
- Outbound emails are not being delivered.
- Upper management refuses to have their email verified before delivery.
- Complex policy settings are causing mail flow disruptions.
- Unfamiliarity with the Proxy or Smarthost solution.
All of these reasons may seem like the perfect ones for having the IT admin whitelist an IP address or disable the Smarthost configuration but this will lead to a world of headaches once information is compromised on the local network. Network administrators can spend hours troubleshooting and diagnosing the problem which costs the company time. The hours spent on a single issue, such as a compromised account, and having to rebuild towards a clean reputation can take weeks compared to the 2 hours it took to cause the damage! IT administrators work hard for months, sometime years on designing a sound, protected network, and in a split second, by the simple act of someone having sent out a few emails with jpegs, it can all come crumbling down. Compromising your security infrastructure is really not worth doing for any reason whatsoever!