Center for Information Technology Services

Email SPAM: A Growing Annoyance in the World of Online Communication

The Persistent Challenge of Cybersecurity
It’s an unfortunate fact of modern life that IT professionals have to be constantly looking over their shoulders watching out for hacker attacks.  The transparent delivery of IT services is the goal for those who provide these services as much as it is for those who use them.  In today’s electronic world, problem-free, 24x7 availability is a reasonable demand for such services as the Internet, network, email, telephones, and other critical applications.  We cannot afford to have these services interrupted when business, research and education activities depend on them.  For the IT professional, the challenge of keeping these services continually available has become more difficult and complicated, not only because of the increased need for these services, but also because hackers and spammers continually try to disrupt these services and spread computer viruses and “worms” throughout networks.  Each and every day, thousands of attempts are made to infiltrate the UMB network to inflict harm by disrupting services, compromising data, spreading unwanted SPAM and viruses, and taking over the operation of computers.  Simultaneously each and every day, UMB IT professionals work diligently “behind the scenes” to protect data and computers, as well as to stop viruses and unwanted SPAM.  In CITS our goal each day is to make this work transparent so that the user community can take their electronic communications for granted.

Cybersecurity has become one of the greatest IT challenges today.  An important factor in the effectiveness of the UMB IT security program has been the technology applied at the outer layer of the campus network where it connects to the Internet.  Without this IT security, the chances of a virus entering the campus network and finding a vulnerable machine increases exponentially.  As hackers and spammers become more sophisticated, our identity and data theft protections must become more sophisticated.  Fortunately, our campus-wide IT security program has been effective in thwarting the thousands of attempts to spread damaging viruses within the campus network. 

The Strategy at UMB – the Past Five Years
Five years ago, the building of a strong IT security program was recognized as a primary goal at UMB.  Many IT professionals throughout the UMB campus collaborated on the creation, implementation, and ongoing delivery of an effective approach.  Five years ago, email SPAM was not a big issue.  SPAM was only a small percentage of the email that the campus was receiving.  At that time, we didn’t need a campus anti-SPAM

graphic: SPAM has increased 100 time over 5 years

solution.  It wasn’t until about a year later that SPAM became more visible, and when it did a campus anti-SPAM technology solution was acquired and implemented.  But while the computer viruses, worms and other threats to our systems were being kept in check, the growth of SPAM was becoming more of an issue.

The Growth of Email SPAM – A World-Wide Problem Affecting All Industries
The tremendous growth of Email SPAM has been a world-wide phenomenon.  Every industry has been affected and organizations have been challenged by the flood of unwanted email.  Over the past several years, the campus has seen a steady and marked increase in the amount of email processed each day.  The graph below shows this growth pattern over the past several years. 

Graphical representation of the increase in SPAM

The Impact of SPAM and Technology Solutions
Until spring of 2006, the campus had two email servers running Norton Anti-Virus (NAV).  These machines were capable of effectively scanning the daily volume of email messages.  When the volume exceeded one million messages in the spring of 2006, two more NAV servers were added, providing the ability to effectively scan the messages for viruses and process the additional volume of email SPAM. 

In the winter/spring of 2007, the four NAV servers were upgraded with two new, more powerful servers running Symantec Mail Services (SMS) which are capable of providing almost five times the processing capability of the previous systems.  In the spring and summer of 2007, the campus began experiencing an even greater amount of email SPAM. 

Due to this increased and continuing flood of SPAM, two additional SMS servers were ordered in August, 2007.  These machines are capable of handling a much greater volume of email than what the campus receives today. 

These additional servers were in the process of being procured and delivered when a flood of email SPAM overwhelmed the existing servers and caused slowness in email delivery to the campus.  The additional two servers have since been installed to handle current volume and future growth.  

Solutions for the Long-term Future
The addition of new, more powerful servers is a short term solution.  Even before the email delay issue, a more contemporary long term solution was being investigated for anti-virus, anti-SPAM and the regular processing of e-mail.  The creation of a new IT architecture that will provide greater redundancy, enhanced protection for the campus from viruses and SPAM, and efficient email processing is underway.  The new IT architecture will have the latest hardware and software solutions for anti-virus and anti-SPAM.  These new solutions have features not currently available in technologies that are as little as two years old.  In addition, we are adding a hardware appliance for sending large attachments through the network, but not as email attachments (see article about this appliance in this issue of CITS Bits).  Emails with large attachments dramatically impact email processing.  This new appliance will be especially welcomed by researchers and others who transmit large files since these file transfers won’t be restricted by a size limit, as is the case with email attachments.

Furthermore, we are continuing with best practices for IT security and email processing and we are continuing to consult with our colleagues at other universities and in the private sector who are also dealing with the increased volume of SPAM.  The new IT architecture and newest hardware and software solutions will be placed in production during the next couple of months, and the overall solution will continue to be enhanced as needed.  The ongoing, long-term approach may include external hosting by a company that provides one or more of these services. 

Given the critical nature of email, and the need for an effective combination solution of IT security, anti-virus and anti-SPAM, a great deal of “behind the scenes” work will continue and be a priority.   The goal, each and every day, is to make these issues invisible so that the UMB user community can take IT services for granted.  We will keep you informed as we make progress in dealing with a growing annoyance in the world of online communications.