Home
Email
Search
Services
Support
 Contact Us

Address:
3001 Henderson Suite P
Cheyenne, WY 82001

Phone:
307.772.4466
Toll Free:
877.996.6381

Email Us

Frequently Asked Questions

Learn more about spam, directory harvest attacks, and email-borne viruses:

Q: Who/What is Postini?
A: Postini is a service that Lonetree.com uses to block spam and virus laden email messages.

Q: How much junk email (spam) do companies receive?
A: The nature of a corporation's business tends to contribute to the volume of junk email they receive. Customers report that a range of 30-80% of the email they receive is identified as spam.

Q: Has the ratio of spam to legitimate email been increasing?
A: Yes. Postini™ reported a 150% increase in the amount of spam email sent to our customers in 2002 — and corporate spam traffic is still growing in 2003. On a given day, 70% of email Postini processes is categorized as spam.

Q: Why has the spam volume been increasing for companies?
A: The dramatic growth of spam has been fueled by the use of a sophisticated email address collection technique called a Directory Harvest Attack (DHA). Spammers use DHAs to collect thousands of valid email addresses from unprotected mail servers. They also have become more advanced in the use of graphics, HTML, and techniques that introduce minor differences into each spam message. This technique is used to defeat the simple signature-based or reference database anti-spam methodologies (that depend upon large volumes of identical message being sent in order to identify junk email). Postini's experience is that 90% of spam messages are unique — so these types of filtering technologies are often ineffective.

Q: What is a Directory Harvest Attack?
A: Directory Harvest Attacks (DHAs) are a sophisticated technique that spammers use to bypass typical email server checking mechanisms in order to access directories and receive a list of valid email addresses. During a DHA, spammers attempt to deliver messages to multiple addresses, such as johndoe@yourcompany.com, jdoe@yourcompany.com, and john@yourcompany.com. Addresses that are not rejected by the receiving mail server are determined as valid. These addresses are compiled and sold to other spammers worldwide. This is why a brand new email box can be full of unsolicited, junk email just hours after it has been set-up.

Q: What is the relationship between a Directory Harvest Attack and spam?
A: DHAs are used to "harvest" valid email addresses, which are then sold to spammers who use the addresses to launch massive spam attacks, typically within 36 hours.

Q: How do companies protect themselves from DHAs?
A: Since DHAs exploit standard SMTP behavior, the only solution is to protect the SMTP connection. At this time, Postini’s email security service is the only solution that provides security for both email content and the SMTP connection, blocking DHAs before they reach the mail server.

Q: Isn't spamming illegal? How are spammers able to get away with it?
A: There are several bills that have been introduced at the Federal level, but no legislation has been enacted at this time. Currently, 15 states have anti-spam laws, which mostly carry fines, but they only affect spammers who live in the state with the legislation and who spam email users in that state. Spammers avoid getting caught by changing their own email address frequently, making it hard to track them down. They also use resources in other countries to send out their email blasts. In fact, 50% of all spam sent to U.S. email-users originates outside of the country. Spammers usually send their blasts from countries without anti-spam legislation, but even European and Canadian anti-spam laws do not cover inter-country activity.

Q: If laws and regulations don't work, does that mean we have to live with spam?
A: While it still helps to regulate the Internet and "police" junk emailers, most industry analysts advise companies to deploy anti-spam technology, with a focus on perimeter or gateway protection solutions. They also encourage companies to make sure that the solution they select is updated frequently to address evolving spammer tactics.

Q: In addition to spam, viruses, and Directory Harvest Attacks, what other types of email-borne attacks are problematic for companies?
A: There are a number of SMTP connection and content threats that can adversely affect the unprotected email server. Denial of service attacks, long standing open SMTP connections, email bombs, and even chain letters can overrun server transaction capacity or message store space. Postini provides a protective umbrella for all SMTP connections and content types being delivered to your server. If we detect an attack, Postini can kill the connection and deal with the threat in real-time.

Q: How is Postini able to collect accurate spam, DHA and virus statistics?
A: Postini processes email for 5 million email-users worldwide in milliseconds. Using heuristic rules-based technology, we filter spam and other email-borne attacks in real-time. Our ability to act on the message in real-time allows us to aggregate numerous data points on each message. By analyzing this data against over 120 million messages we process each day, we are uniquely able to provide the most statistically sound data sample for trend analysis.