I like Traffic Control because I appreciate clever solutions and I think Traffic Control is clever indeed: by slowing suspected spam traffic it reduces their ability to pass bad traffic and improves overall performance. Slowing down connections for better service — it's a completely counter-intuitive argument, but Traffic Control makes countless smart decisions in handling connections and determining which are potentially harmful.

– David Blank-Edelman, Director of Technology at the College of Computer Science, Northeastern University

The Organization

David Blank-Edelman, the Director of Technology at the College of Computer Science at Northeastern University, manages the college's primary mail servers. Up to now, Blank-Edelman's site has run exclusively open source solutions for email using the mail transfer agent exim, anti-virus software ClamAV, and anti-spam software SpamAssassin.

The Challenge

During 2006, the volume of spam flowing into the college more than doubled, significantly increasing the processor and memory load on mail servers. Users began to experience delays in message delivery, as email queues lengthened under the strain of increased spam volume. While none of the servers crashed, email queues were growing so large that Blank-Edelman had to on several occasions take the service down in order to flush the queues, thus further delaying delivery. "During the times of heaviest loads, people's mail was being delayed by hours," said Blank-Edelman. "Email is mission critical at university — especially inside a computer science department — and poor delivery service was what drove me to look for a better solution."

Blank-Edelman uses the open source SpamAssassin package to classify email messages, employing the Razor plug-in and numerous custom filtering rules. However, he notes that spam detection is a heavyweight process. "I knew that my current infrastructure was not going to be able to handle current and future spam loads," he says. Before adopting the MailChannels solution, he considered and rejected several different options to solving his problem including:

  • Buying more servers with higher CPU power;
  • Using an outsourced service;
  • Installing a dedicated email security appliance; and,
  • Deploying grey-listing.

The first three options were expensive and greylisting presented other problems. "The biggest problem with greylisting is that legitimate email can be delayed for long periods, for example when there's a domain with a number of outbound SMTP servers, each in a different IP-block. Naive greylisting solutions do not recognize this situation. If a second outbound SMTP server resends a message, many greylisting solutions will generally ask for yet another resend," said Blank-Edelman.

The Solution

Fortunately, Blank-Edelman read Stas Bekman's article on Traffic Control at ONLamp.com three days before implementing greylisting. In the article, Bekman explains why slowing down spam is a brilliant and effective move:

... spammers are impatient. If they can't deliver a message within several seconds, they tend to abort the connection and move on to spam other servers. After all, spamming is only profitable if spammers can push a lot of email across the wire. The solution used by the Traffic Control product creates financial friction...

Read the entire article by MailChannels Director of Research Stas Bekman

Blank-Edelman chose Traffic Control to protect the College of Computer Science's mailboxes running on Sun Solaris servers. Installing Traffic Control solved the main problem of slow delivery due to machine overload and has bought time while Blank-Edelman finds new solutions for the future. "I like the fact that Traffic Control just slows down suspect email and doesn't force sending SMTP servers to resend messages in the way greylisting would," Blank-Edelman said.

Blank-Edelman found Traffic Control clever and appealing because by slowing suspected spam traffic, spammers often give up trying to deliver the message, significantly improving overall email performance. As with all software deployments, integrating Traffic Control with the college's sophisticated email delivery infrastructure met with some initial challenges. Blank-Edelman still has a lot of praise for MailChannels. "I really appreciate MailChannels' persistence and patience in dealing with the problems related to our configuration and the initial releases of their software."

Significant Wins

Timely delivery

Email is now delivered in a timely manner using the same email infrastructure as before, with no need for an increase in CPU power, storage, or memory.

Happy end users

Blank-Edelman surveyed his users and they are happy with what they have experienced as a dramatic reduction in spam.

Slow down feature reduces malicious attacks

Blank-Edelman likes the fact that many malicious email messages with viruses and other malware are repelled benefit because of the way Traffic Control identifies and slows down abusive senders. Spammers get frustrated and move on — viruses and phishing attacks turn away with them.

Overall cost savings

Blank-Edelman estimates that the overall cost in both dollars and work effort to purchase and implement Traffic Control would be much lower than other solutions (for example, hosted services or dedicated email appliances).

Ease of infrastructure maintenance

Because the system no longer becomes overloaded by spam, the necessity of shutting it down to clear the message queue backlog has been eliminated. "My group offers at least 55 services for the department and email, though a very important service is just one of them," said Blank-Edelman. "I am pleased that Traffic Control has reduced my workload so I can concentrate on other aspects of IT."