
Cyren Security Blog

Outbound spam – what’s the problem?

Almost a year ago Commtouch released its Outbound Spam Protection (OSP) for Service Providers. Since then, I have been involved in numerous installations of the system and I would like to share my experience so far. If you asked me to describe it in just 2 words, I would say “It Works!”, and if you asked me to do the same in three words, I’d say “It Works Wonders!”

Before I go into details about OSP, I’d like to write about the outbound spam problem. From what I’ve seen so far, the amount of spam going out of an average service provider in North America ranges between 1% and 10% of the total outgoing email traffic. This is much less than the incoming spam, where the spam percentage is usually in the high 90s. It therefore appears to most service providers that there is no big system resource and bandwidth consumption issue.

The problem begins with the side effects of outbound spam. The most serious side effect is IP blocking by RBL, DNSBL, and IP reputation systems. This causes queue buildup on the affected mail server, delays in message delivery, and may result in lost messages and calls from unhappy end-users.

Another problem is compromised user accounts and blocking of legitimate outbound email (false positives). Although awareness of the importance of cyber security is growing, many people still fall victim to malicious activities. Their computers or accounts get compromised and used by spammers. Blocking compromised accounts by service providers leads to customer dissatisfaction and churn.

Another aspect of the outbound spam issue is loss of potential profit. For example, some domain registrars provide free email accounts with domain registration, but allow domains to be returned within a few days after registration. Spammers register hundreds of domains, create as many email accounts as possible, send spam out and then return the abused domains. Thus they waste service provider resources and prevent legitimate buyers from using these domains.

Finally, 1% of outbound email traffic may look like a low number, but in fact it means thousands of spam messages.

To sum it all up, the side effects of outbound spam are: damaged reputation, customer dissatisfaction, increased operational costs, and loss of profit. This combination is the real problem created by outbound spam.

So, how does Commtouch’s OSP help to resolve the issue? The idea is quite simple – it addresses the source of the problem, rather than only fighting its symptom. It identifies and blocks locally generated spam as well as globally known spam outbreaks. It enables service providers to pinpoint the compromised system or user account. It does these things all in real time, based on policies set up by the service provider. Costly false positives are avoided by design, many otherwise manual processes can be automated, and spammers will find it very challenging to abuse service providers protected by Commtouch.

The solution works for various kinds of service providers. I’ve installed it at

  • ISPs,
  • Shared and Dedicated hosting providers,
  • Messaging Security Service providers,
  • and helped to integrate it into our partners’ products.

It has always been a rewarding experience, always a success!

In one case, an ISP messaging team that was dealing with IP blocking and queue buildup issues on an almost daily (and often nightly) basis got their life back after installing Commtouch’s solution and automating certain processes.

In another, on the second day of evaluation by a dedicated hosting provider, our system detected a spammer that was responsible for 40% of their outgoing spam and allowed that spammer to be blocked!

So if you are a service provider and you need to resolve your outbound spam issue, allow me to install the Commtouch Outbound Spam Protection solution for you and very soon you will be able to say: “Outbound spam? Not a problem!”

Photo “Exploring the backroads of the Catlins” (c) 2005 Jeremy Ginsberg
