Don't Risk the Blacklist - Stop Outbound Spam Research shows 69% of service providers consider outbound spam to be their #1 problem. Customer loss, increased operational costs, brand damage, and even lawsuits are some of the possible consequences of spam emanating from your network. This webinar covers the problems caused by outbound spam, traditional approaches and why they don’t work, and recommend proven solutions to address outbound spam.
2. Agenda
Introduction
The Business Challenge of Outbound Spam
The Limitations of Traditional Approaches
The Commtouch Approach
Summary
Q&A
4. Outbound Spam is a Headache
66% of providers rate outbound spam an
important or extremely important issue
87% believe email providers must actively
eliminate zombies
~40% have had IPs blocked or blacklisted in
last 12 months
49% report outbound spam is damaging their
corporate reputation
56% of customers with email blocked due to
provider spam problems would switch to one
that does not block innocent users
Source: Osterman Research / Commtouch Outbound Spam Study
6. Outbound Spamming Methods
Primary: acquire compromised user accounts
A valid account, compromised by either an email or web attack
Bot/Zombie is leveraged by external spammer to propagate spam
Secondary: create user accounts just for spamming
7. Example: Top 10 Spam-Sending Domains
These domains could be blacklisted because they are being spoofed!
Source: Commtouch Distributed Spam Analysis, December 2013
8. Business Impact
Blocked IP Ranges
• Appearing in IP reputation DBs
Lost Revenue and Profit
• Removing addresses from blacklists
• Increased support for unhappy customers
• Customer churn
• Reputational damage
Recurring Attacks
• Spamming continues at lower volumes
10. Limitations of Traditional Approaches
Block port 25
Disrupts legitimate usage
Reverse Inbound Spam Filter
Slow response to new outbreaks
Ineffective locally and regionally
Increased risk of false positives
Throttling/Rate Limiting
Spammers learn to send below the limit
These approaches are ineffective because they only
treat symptoms, not the underlying problem
11. About Commtouch
NASDAQ: CTCH
Established in 1991
180 Employees
Provider of Internet security technology
14+ years SaaS operations
• Protecting ~550 million users
• 12+ Billion transactions per day
• 12 global datacenters
Headquartered in
McLean, VA
Other US Offices in
California and
Florida
International:
Germany, Iceland,
and Israel
13. The Unique Commtouch Approach
Block based on global patterns
Block using local patterns
Manage approved users
Identify and Report senders
Providing effective blocking and the information needed
to resolve the root cause of outbound spam
15. Leveraging the GlobalView Cloud
Infrastructure
10 Carrier grade data centers: US, Europe, Asia
Operational for over 14 years
Multiple collection nodes distributed worldwide
Collection & Analysis
Collecting/Analyzing 12 Billion Internet
transactions daily
RPD™ technology, multiple analysis engines
and 3rd party sources
Service platform
A unified platform for security applications
Protecting ~550 million users worldwide
Cloud
16. In an Embedded Deployment Model
Service Integration via SDK
• Integrates directly into your infrastructure
• Simple to configure and deploy
• Stops Outbound Spam
• Identifies Compromised Legitimate Accounts
• Highlights Malicious Spam Accounts
Simple, Easy Deployment
• Unzip Commtouch Daemon On MTA or Other Server
• Open .conf file and insert the license key and connection string
• Start running traffic
17. How Does it Work?
1
2
Local RPD
Analyze local traffic
Detect patterns
Store signatures
3
Service
Provider
Outbound
Spam
Engine
Global RPD
Analyze billions of global emails/day
Detect recurrent patterns
Store signatures of spam emails
Compare email signatures to
find global and local spam
Internet
Uses the common characteristic of all spam - mass distribution
Global RPD identifies outbreaks instantly by distribution patterns
Local RPD detects based on local patterns with configurable thresholds
21. Summary
Outbound Spam causes significant issues and cost
Traditional approaches yield poor results
Commtouch OAS uniquely deals with outbound spam by:
• Blocking spam at source - even when unique to a network
• Pinpointing the accounts - whether compromised or pre-built
• Documenting the root cause
OAS provides a comprehensive solution to:
• Avoid costly blacklisting
• Reduce customer churn
• Increase profitability
22. Testimonials
“Our customers now enjoy the very highest level of protection from
the nuisance of spam emails, without risk of having their critical
communications erroneously blocked” CTO – Web.com
“Spammers were using phished accounts to send spam from our
network. We needed a solution to recover compromised accounts,
block spammers and prevent our IP addresses from being blacklisted”
EVP, Hostway
“We have gone from being blacklisted every week, to not being
blacklisted at all for the last 18 months” SVP, Hoster