Skip to main content

Spoiling Spammers

2/1/2008

When New York City-based Gristedes Supermarkets added an online arm to its traditional supermarket operation, the chain opened itself up to malicious e-mail attacks. By adding an e-mail filter appliance to the mix, Gristedes is now protecting the chain’s mail server and network from crashes and damaging attacks, as well as backing up its e-mail communications.

Despite the best protective measures, spam continues to permeate even the most proactive chains. And as more spam makes its way through some spam filters, companies are finding that their operating costs are increasing.

“One solution is for companies to rip and replace their existing infrastructure, but many organizations don’t like to opt for this due to the cost element,” said Nate Gilmore, director of sales and marketing for Concentric, a San Jose, Calif.-based company that provides scalable messaging, collaboration and Web-hosting services.

While this was an issue for Gristedes, the company was more concerned with how spam messages were making its network vulnerable to crashes. “Our goal is to keep our systems running at optimal levels. This is not an easy task based on the avalanche or tsunami of spam that crops up,” explains Don Winant, CIO for the 100-year-old supermarket chain. The company, which recently opted to take its public status private, rings up just over $300 million in annual sales, he said.

The chain attributes its onslaught of spam messages to the launch of its e-commerce business at www.gristedes.com . More importantly, Gristedes became vulnerable to malicious DoS, or denial-of-service, e-mail attacks that prey on vulnerable computer systems or networks. Since these attacks consume the bandwidth of the network and can overload the resources of the computing system, DoS attacks typically cause the loss of network connectivity and services.

“We have 350 associates with e-mail addresses and were processing 60,000 messages a day. At times, it was not uncommon for our e-mail server to process up to 2,000 messages per minute—not all of it was legitimate,” Winant said. “However, this volume totally overwhelmed the server and often caused it to crash.”

Downtime could be considerable. For example, servers could be offline for two hours or longer. “If we were down for an extended period of time, we would also lose legitimate e-mail,” he explained. “That is unacceptable for a multichannel retailer.”

When Gristedes began weighing its options, the chain realized it needed to do more than merely add a new e-mail server that could handle its growing e-mail volume. “Increasing horsepower wouldn’t eliminate the chance of being hit by a malicious attack,” Winant noted. “We also wanted something that could act as a backup and retain communications in case our server went down.”

In September 2006, the company began evaluating its options and finally chose the eSoft e-mail server from eSoft Inc., Broomfield, Colo., as well as the Perimeter Email Protection (PEP) suite of e-mail server-security applications, from Concentric.

Prior to turning on the system, Gristedes created a list of legitimate internal e-mail addresses and distribution lists that were embedded into the appliance, Winant explained.

PEP acts as a perimeter pre-filter. As incoming messages hit the e-mail server, the PEP Filtering tool filters every e-mail for spam and viruses and then validates users.

The solution also acts as a data repository for Gristedes. If the chain’s primary e-mail server goes down, PEP pools incoming mail and redelivers it once the server is back online, ensuring that critical inbound messages are not lost.

Since launching the solution last fall, Gristedes’ 60,000 daily e-mails quickly dropped to 8,000 messages. “PEP has become our first line of defense in blocking DoS attacks,” he explained. “This has increased the speed and efficiency of our mail server.”

Realizing that some spam does make its way through the system, Gristedes is evaluating PEP’s Premium Filter option. This filter builds a customized database for each user, then detects spam messages based on the user’s individual e-mail history.

“Our main return on investment calculation is ensuring the most legitimate e-mails get through without causing down-time on our network,” Winant said. “It is working, as we have not had any down-time since going live with PEP.”

X
This ad will auto-close in 10 seconds