School technology leaders, beware: The Federal Trade Commission (FTC) has issued a warning to businesses, school systems, and other organizations cautioning them not to fall victim to increasingly insidious spammers who now hijack computer servers owned by legitimate entities to send a flood of unsolicited commercial eMail.

The May 15 initiative—launched in conjunction with 17 different law enforcement and consumer protection agencies—calls on businesses and other institutions, including schools, to fortify their networks against such infiltrations by closing off "open relays"—technological loopholes that let third-party internet scam artists route spam across their servers, thereby disguising the messages' true origin.

Industry experts say schools are among the most likely targets for such attacks, because their reputations are such that people tend not to question the validity of the messages they send out.

"Schools are beautiful targets because they are inherently trusted," said Charles Stiles, the technological director of America Online's postmaster group, a division dedicated to protecting customers against the proliferation of illegal spam.

"Open relays" are eMail or proxy servers that maintain an open door to the internet. According to the FTC, spammers exploit open relays to avoid getting zapped by filtering systems put in place by internet service providers to protect customers from unwanted solicitations. Open relays also allow spammers to hide their true identity, making it harder for federal authorities to trace them.

The practice could have serious consequences for school systems that become victims of this tactic. Not only does the additional eMail traffic threaten to slow a school system's network to a crawl, but a hijacked mail system also could lead to a denial of service by eMail providers.

Whether or not a school system intentionally sends the messages, many internet service providers—including AOL—have established strict blocking policies designed to cut down on the spread of spam. According to Stiles, if a school is suspected of unknowingly hawking spam to AOL customers, the company will institute a block on all eMail messages coming from the offending server until the problem is resolved or the open relay used for the attack is closed.

"There is a period of time where [eMail from an unwitting accomplice] might get blocked," Stiles acknowledged. In the event that a block does occur, however, AOL immediately sends out an electronic notification of the problem to the offender and provides access to a 24-hour hotline dedicated to restoring service.

Still, even after service is restored, the ill will generated by the use of a school system's servers to send spam might linger, the FTC warns. Also, recipients of the unwanted eMail messages might flood the offending school system's servers with complaints.