Upload
cyren
View
507
Download
0
Embed Size (px)
DESCRIPTION
Don't Risk the Blacklist - Stop Outbound Spam Research shows 69% of service providers consider outbound spam to be their #1 problem. Customer loss, increased operational costs, brand damage, and even lawsuits are some of the possible consequences of spam emanating from your network. This webinar covers the problems caused by outbound spam, traditional approaches and why they don’t work, and recommend proven solutions to address outbound spam.
Citation preview
Outbound Spam:
Don’t Risk the Blacklist!
December 4, 2013
Agenda
Introduction
The Business Challenge of Outbound Spam
The Limitations of Traditional Approaches
The Commtouch Approach
Summary
Q&A
Poll Question #1
Outbound Spam is a Headache
66% of providers rate outbound spam an
important or extremely important issue
87% believe email providers must actively
eliminate zombies
~40% have had IPs blocked or blacklisted in
last 12 months
49% report outbound spam is damaging their
corporate reputation
56% of customers with email blocked due to
provider spam problems would switch to one
that does not block innocent users
Source: Osterman Research / Commtouch Outbound Spam Study
Poll Question #2
Outbound Spamming Methods
Primary: acquire compromised user accounts
A valid account, compromised by either an email or web attack
Bot/Zombie is leveraged by external spammer to propagate spam
Secondary: create user accounts just for spamming
Example: Top 10 Spam-Sending Domains
These domains could be blacklisted because they are being spoofed!
Source: Commtouch Distributed Spam Analysis, December 2013
Business Impact
Blocked IP Ranges
•Appearing in IP reputation DBs
Lost Revenue and Profit
•Removing addresses from blacklists
• Increased support for unhappy customers
•Customer churn
•Reputational damage
Recurring Attacks
• Spamming continues at lower volumes
Poll Question #3
Limitations of Traditional Approaches
Block port 25
Disrupts legitimate usage
Reverse Inbound Spam Filter
Slow response to new outbreaks
Ineffective locally and regionally
Increased risk of false positives
Throttling/Rate Limiting
Spammers learn to send below the limit
These approaches are ineffective because they only
treat symptoms, not the underlying problem
About Commtouch
Headquartered in
McLean, VA
Other US Offices in
California and
Florida
International:
Germany, Iceland,
and Israel
NASDAQ: CTCH
Established in 1991
180 Employees
Provider of Internet security technology
14+ years SaaS operations
•Protecting ~550 million users
•12+ Billion transactions per day
•12 global datacenters
Select Customers of Our Outbound Solution
The Unique Commtouch Approach
Block based on global patterns
Block using local patterns
Manage approved users
Identify and Report senders
Providing effective blocking and the information needed
to resolve the root cause of outbound spam
A Global Viewpoint
10 Carrier grade data centers: US, Europe, Asia
Operational for over 14 years
Multiple collection nodes distributed worldwide
Service platform
Collection & Analysis
Infrastructure
Leveraging the GlobalView Cloud
Collecting/Analyzing 12 Billion Internet
transactions daily
RPD™ technology, multiple analysis engines
and 3rd party sources
A unified platform for security applications
Protecting ~550 million users worldwide
Cloud
Service Integration via SDK
• Integrates directly into your infrastructure
• Simple to configure and deploy
• Stops Outbound Spam
• Identifies Compromised Legitimate Accounts
• Highlights Malicious Spam Accounts
Simple, Easy Deployment
• Unzip Commtouch Daemon On MTA or Other Server
• Open .conf file and insert the license key and connection string
• Start running traffic
In an Embedded Deployment Model
How Does it Work?
Global RPD
Analyze billions of global emails/day
Detect recurrent patterns
Store signatures of spam emails
Compare email signatures to
find global and local spam
Service
Provider
Outbound
Spam
Engine
Internet
1
3
Local RPD
Analyze local traffic
Detect patterns
Store signatures
2
Uses the common characteristic of all spam - mass distribution
Global RPD identifies outbreaks instantly by distribution patterns
Local RPD detects based on local patterns with configurable thresholds
Identifying New and Well-Known Spam
Identifying Outbound Spam Accounts
Detailing Malicious vs. Compromised Accounts
Outbound Spam causes significant issues and cost
Traditional approaches yield poor results
Commtouch OAS uniquely deals with outbound spam by:
•Blocking spam at source - even when unique to a network
•Pinpointing the accounts - whether compromised or pre-built
•Documenting the root cause
OAS provides a comprehensive solution to:
•Avoid costly blacklisting
•Reduce customer churn
• Increase profitability
Summary
Testimonials
“Our customers now enjoy the very highest level of protection from
the nuisance of spam emails, without risk of having their critical
communications erroneously blocked” CTO – Web.com
“Spammers were using phished accounts to send spam from our
network. We needed a solution to recover compromised accounts,
block spammers and prevent our IP addresses from being blacklisted” EVP, Hostway
“We have gone from being blacklisted every week, to not being
blacklisted at all for the last 18 months” SVP, Hoster
Thank You http://www.commtouch.com/sp-outbound-spam-protection/