Vancouver-based MailChannels Corp. has launched e-mail traffic shaping software aimed at slowing down and discouraging spammers en route to your corporate mail servers. But while the tool may frustrate some spammers today, the stop-gap might only be temporary, according to one analyst.
Traffic Control 3 is designed to slow down incoming e-mail from suspicious sources like botnets by “tar pitting” the senders for about 90 seconds. MailChannels said that because most spam bots are impatient, the software eliminates about 75 per cent of spam at the network edge and allows your enterprise’s e-mail content filter to manage the remaining traffic.
“Spammers are dramatically less patient than legitimate senders,” Ken Simpson, CEO at MailChannels, said. “If we significantly slow down the data rate of the connection between the spammer and the mail server, 90 per cent of the time, spammers will just give up before delivering any message.”
MailChannels has sold Traffic Control to select enterprise customers over the last several years, but now the company is turning its attention to small and medium-sized enterprises trying to stop the flow of spam. Despite being marketed to work with popular open source spam-filtering software SpamAssassin, the tool works with any content analysis or filtering system.
While Traffic Control is freely available on the MailChannels Web site, users will need to purchase a licence for commercial use if they receive more than 10,000 email connections per day.
One such user, Andalusia, Al.-based Internet service provider (ISP) AlaWeb Pioneer Services, has been a private customer of Traffic Control for several years after its spam volume soared to several million messages a day in 2005. The relatively small rural ISP said that because it’s been on the Web since 1994, its address and domain name is on the every spammer’s mailing list. The company estimates that it even receives more junk mail than some major global enterprises.
“The worst we had was four months ago where for some reason our inbound spam spiked from one and a half million to about 10 million emails per day,” Hugh Messenger, senior network administrator for AlaWeb, said. “The other day, when doing an upgrade, I had to turn off Traffic Control on one of my machines. Within 12 seconds, it grinded to a halt, because it didn’t have that connection management layer that gets rid of the junk.”
IDC Canada’s David Senf, director of security and software research, said that the time latency that Traffic Control provides as an additional cost for spammers to do business. The problem, he said, is that as programs like Traffic Control become more common, spammers will be more patient and attack the same vulnerabilities.
“The challenge with this system is that it works best prior to a critical mass of customer adoption,” he said. “The idea right now is that a spammer won’t wait, they’ll go bother someone else. As traffic shaping takes hold, spammers will have to accept this additional cost – or pass it on to you and me. By that I mean spammers will step up their efforts to create larger botnets.”
Senf said that while the software is useful for the time being, as long as there is money to be made in spam, attackers will continue to find ways around these types of systems. “In the arms race against spam, every weapon available to the good guy is good news,” he said.
And for the time being, Messenger agrees, saying that Traffic Control continues to reduce the strain on his Sendmail and make the size and speed of the inbound spam manageable.
“I could probably push Sendmail to 20 to 30 connections per second, but I was dealing with 50 to 70 per second,” he said. “The connection management layer that Traffic Control provides can allow me to handle about 2,500 connections per machine.”
“Short of changing our domain name, there’s no better way to handle it,” he added.