Posts Tagged 'Department'

December 15, 2011

Fighting SPAM and Abuse on a Global Network

For better or worse, one of the most engaging posts on the SoftLayer Blog is "We are a No-Spam Network," written by Jacob Linscott in June 2007. When it was posted, it celebrated a completely clear Spamhaus listing page – quite an accomplishment for a large hosting provider (for reasons I'll illustrate below). Since the post was published, it has become a hotbed of conversation about any and all abuse-related issues. Google "SoftLayer SPAM," and you'll see the post show up as the second result, so a lot of Internet passers-by will come across the post and use the comment section as a platform to share abuse-related concerns they have for us.

That engagement is a double-edge sword: It's good because we hear the concerns people have. It's bad because the post was meant to be a celebration of the continuous work that the abuse department does, and uninitiated visitors seem to consider it a unilateral claim that we've beaten spam once and for all. In the course of responding to comments on that post, I shared an analogy to convey what it's like to run abuse for a large hosting provider:

Scenario

Let's say you're the security manager for a huge mall. This mall has 100,000 stores with people walking in and out 24x7x365. In this scenario, there are "good guys" and "bad guys" who walk into and out of the mall, and every person looks exactly the same. Some of those people are store owners while others are customers of those stores. As the security manager for the mall, you want to maintain the safest, most well-maintained mall in the world, so when you find bad guys walking in and out of your mall, you do everything you can to kick them out and keep them out. Sometimes those bad guys are store owners who attract and send the wrong crowd; sometimes they are bad guy customers of a good guy store owner.

How would you manage your mall? It's not possible to differentiate whether a store owner will be a good guy or a bad guy when they're applying to lease space in your mall, so you can't "keep the bad guys out" in that regard. You can't have a security team of 100,000 people monitoring what's happening in those 100,000 stores, much less have someone individually check the millions of visitors streaming in and out of the stores. What's a security manager to do?

If you look at how Las Vegas casinos address that concern, it's clear that your best bet is to install security cameras and have a team monitoring them all the time. You might not be able to watch everything at the same time, but you can document what's happening around your mall and respond if you notice something unusual (or if someone calls in to report that they've seen bad guys coming from a store in your mall).

That's the position we're in.

SoftLayer Abuse Team

SoftLayer's network is the mall, the stores are servers, the store owners are our customers (who are often responsible for several "stores"), and the good guys and bad guys are traffic into and out of the network. We try to differentiate good guys and bad guys, but even if we know that all good guys have purple eyes and all bad guys have neon green eyes, it's still difficult to look 26,000+ store owners in the eye every day as they're walking into and out of the mall.

We staff a team of people intent on clearing the bad guys from our mall, and we know that even though good guy store owners may inadvertently host their own bad guy customers, they want to remove those customers from their store as well, so they appreciate us helping them pinpoint those customers so they can be removed.

We keep an eye on our security cameras and get our security guards to the stores where bad guys are reported as quickly as possible. If no one reports that the people coming out of store #73,403 are all bad guys, it's hard for us to know that they aren't good guys ... Which is why we encourage anyone and everyone to report abuse-related concerns to abuse@softlayer.com so we can mobilize our security force.

As Edmund Burke once said, "When bad men combine, the good must associate; else they will fall one by one, an unpitied sacrifice in a contemptible struggle." Or more colloquially, "All that is necessary for the triumph of evil is that good men do nothing."

Given that illustration, the abuse team deserves a LOT of credit for the work they do behind the scenes. They are constantly investigating reports and working with customers to get remove any and all content that violate SoftLayer's MSA, and too often, that can be a thankless job. Fighting abuse is an ongoing process, and while the nature of the beast might suggest the overall war will never be won, we're always getting faster and stronger, so the individual battles are easier and easier to win.

-@khazard

Subscribe to department