SureWest Communications Seeks Outbound Spam Protection

By Messaging News staff
in

SureWest Communications is one of the nation’s leading independent communications holding companies. In its Northern California market, SureWest is a mid-sized Internet Service Provider (ISP) offering voice, digital video, high-speed Internet, local and long distance telephone, and wireless PCS.

The Challenge

In late 2007, SureWest identified outbound spam as an issue that could directly affect its Webmail subscribers and began to look for a solution that would solve the problem. Additionally, the company recognized that botnets on its network and the problem of outbound spam put ISPs at risk of being blacklisted by other ISPs. For SureWest, outbound spam had the potential to increase email queues, creating email delays for users and causing a ripple effect throughout the organization. The process of investigating the sources of delay and remedying their outbound spam problem had created a significant administrative burden.

“Webmail is a trusted resource for our subscribers, so protecting it is very important,” says Scott Barber, vice president and general manager of California operations for SureWest Communications. “We needed to address the outbound spam problem proactively.” SureWest evaluated and tested multiple anti-spam solutions, most of which did not integrate easily with its open-source email platform. SureWest also rejected “closed box” solutions because of the inability to perform in a carrier-scale environment.

The Solution

The prior experience of SureWest team members with Razor, an open source plug-in developed by Cloudmark’s Chief Scientist Vipul Ved Prakash, helped spur the company to test Cloudmark Authority, a carrier-grade software plug-in for SpamAssassin. Cloudmark Authority includes an integration layer that delivers the latest threat signatures from Cloudmark to SpamAssassin. Cloudmark Authority for the Apache SpamAssassin offered an immediate improvement in filtering accuracy and performance, without requiring SureWest to leave or modify its open source platform.

Using a unique combination of Advanced Message Fingerprinting and corroborated reporting from the Global Threat Network, Cloudmark rapidly detects messaging abuse with 98 percent accuracy and near-zero false positives. An additional benefit to this high accuracy is that Cloudmark Authority requires only a fraction of the processing power of alternative solutions. Instead of processing-intensive rules, Cloudmark Authority uses lightweight Advanced Message Fingerprinting algorithms that do not impact scanning performance. Messages are rapidly scanned against Cloudmark Authority’s in-memory cache of known “bad fingerprints” or threat signatures. This local cache receives frequent Cloudmark threat updates—every 45 seconds—that are only additions to this cache. As a result, Cloudmark requires significantly fewer CPU cycles than traditional solutions, while delivering a higher filtering rate. Cloudmark’s efficiency and stability also enable service providers of all sizes to better predict infrastructure and administrative requirements over time.

The Results

Cloudmark Authority was implemented on SureWest’s existing open-source Apache SpamAssassin email platform. The installation was complete in 15 minutes and SureWest began to see immediate results in both hardware efficiency and filtering. “In our initial testing, we found that Cloudmark Authority allowed our machines to process 50 percent more messages per hour on physical hardware,” reports Barber.

Since deployment, SureWest has experienced a 15-20 percent increase in message throughput and reduced scan times ranging from five to seven seconds to less than one second per message. The company has also seen average system loads per CPU reduced by half, and user space CPU usage from a peak at 30 percent down to under 20 percent, representing a dramatic reduction in CPU utilization. SureWest is now able to effectively process 50 percent more messages per hour despite the reduction in physical hardware resulting from the company’s transition to a virtualized environment.

Simultaneously, SureWest implemented Cloudmark Authority and transferred its hardware to virtualization. Immediately, SureWest was able to reduce the amount of physical machines by 25 percent, and plans to cut hardware by 60 percent in the medium term. With Cloudmark Authority, SureWest can process twice the mail through its virtual box compared to its previous setup.

Since SureWest no longer needs to maintain rules and lists for SpamAssassin, Cloudmark also helps reduce administrative costs. As a result, SureWest’s customers benefit from a more secure, higher quality Webmail experience. With Cloudmark Authority, SureWest can now see when a user account is bursting—sending large amounts of spam through the email cluster—and stop the messages from leaving its network. By proactively identifying and blocking these messages, SureWest reduces the amount of spam leaving its network, and in-turn, lowers the chances of being blacklisted by other ISPs. “Authority integrated easily into our SpamAssassin environment and has delivered immediate improvements, such as increased outbound filtering accuracy, improved scanning times and reduced administrative costs,” concludes Barber. By reducing our resource requirements and improving service quality, Cloudmark Authority has proven to be an exceptionally good value for our company.”

For Your Reference

Cloudmark, Inc.

About SureWest Communications

With over 90 years in Northern California, SureWest and its family of companies represent an integrated network of highly reliable advanced communications products and services. SureWest provides digital cable TV, fiber optics, PCS wireless, DSL, high-speed Internet access, data transport, and local and long distance telephone service.

Published June 1, 2008