Retail Security: Spam FightR
Chris Burroughs, director of desktop and voice services for the company, recalled how her e-mail had increased to more than 250 spam e-mails a day within the past year. She was spending excessive amounts of time manually examining and deleting such unsolicited advertisements from her e-mail inbox and yet she still found herself accidentally deleting important messages.
"I would get 50 valid e-mails and 250 spam e-mails every day," Burroughs explained. "And I was worried about the same thing happening to other people in our company."
The Problem
Then the complaints from end users began to increase. She would receive offensive e-mails from spammers herself, and then receive them again from concerned employees asking her how she was trying to stop them. "We decided we had to solve the spam issue before it got out of control."Responsible for the company’s corporate e-mail system, Burroughs first tried an in-house solution, manually writing agents that would block specific domains, but quickly found this approach was a losing battle. Employees would forward spam to the company’s human resources department, and HR would then send them to Burroughs, who would block the offending sites. This manual approach soon became an endless chase.
In evaluating alternative anti-spam solutions, Burroughs decided to give anti-spam and anti-virus managed services from Redwood City, Calif-based e-mail security firm Postini a try.
"At first we were hesitant about pointing our mail exchange records to Postini," said Burroughs, "but we thought a 30-day trial period would at least show us how big of a problem we had and what our return on investment on an anti-spam solution should be." The trial process was easy to implement, and Burroughs decided to test the service with a few executive users, including the CIO. She also sent an e-mail to the entire company inviting participation, and got 250 users to try the service.
The trial was so successful at eliminating spam from employee inboxes that Burroughs was able to roll out the service across the entire company.
The results
Burroughs said that one of the greatest benefits from the service stemmed from its ability to prevent directory harvest attacks. DHAs are designed to net spammers’ lists of valid e-mail addresses at specific companies, to which they can then send additional spam or sell to other spammers. Spammers and other unscrupulous list brokers harvest addresses by sending thousands (or even hundreds of thousands) of messages to multiple addresses such as johndoe@circuitcity.com, or jdoe@circuitcity.com. Spammers track all of the addresses that do not bounce back or generate errors, and consider these as valid addresses.Directory harvest attacks also have a very damaging side effect: consuming enormous amounts of e-mail server resources while e-mail servers try to cope with DHA probes.
The software company’s preemptive technology at the SMTP connection level prevents directory harvest probes from ever reaching Circuit City servers. "We made Postini our first line of defense to prevent directory harvest attacks from overloading our servers," said Burroughs.
Burroughs warned that everyone should be aware of DHAs. "Everyone’s going to get a directory harvest attack at some time," she said.
By signing up with the managed e-mail security service, Circuit City can now prevent directory harvest attacks and denial of service attacks on its e-mail system.
Burroughs also mentioned that end user management capabilities stand out as a major benefit.
"We barely know the Postini service is running," said Burroughs . "It’s easy. It works. What else could we ask for?"
"Everyone in the company thinks our IT department is great for eliminating spam even though we really didn’t have to spend much time and effort once we’d found Postini," she concluded. "All we had to do was point our MX records to Postini’s service and figure out our e-mail policy rules. People throughout the company are now much happier with our e-mail service."
