At Abusix, our philosophy is that in order to truly implement effective abuse-handling, you need to see issues faster with greater detail; thus, the more data the better.
Data can come in the form of external feeds of abuse-incidents or it can be provided from internal detection of signals that show a compromise or abusive behavior within your network.
Having accurate data, of course, is even better.
Use Spam Reports to Track Down Users
Data feeds that originate from Abusix Data Services provide high confidence reporting of spam from bots and nefarious actors on your network which is immediately actionable, rather than waiting for (sometimes delayed) inbound reports. But, an additional possibility for great reporting, is to use your outbound filtering solution to tell you when your users are attempting to send out spam.
By feeding data from your outbound spam filtering solution into AbuseHQ, in addition to using external reporting, you’re finding out about attempts to send spam from your network as it is happening, in real time. This approach gives you a distinct advantage over waiting for external reports. Your filtering solution, in addition to the Abusix Data Service, provides you high confidence data: and it’s easy to set it up to feed you those messages it detected as spam or virus.
SpamExperts and AbuseHQ
One example of outbound filtering solutions that allow you to feed AbuseHQ with these reports is SpamExperts. Setting up a feed from your SpamExperts environment to AbuseHQ is very easy:
Simply configure your email@example.com address as the “Administrator Contact” in your SpamExperts domain settings: https://my.spamexperts.com/kb/357/Abuse-Reporting-Format-ARF.html.
If you also configure your upstream Mail Submission Agent (the mail server your users use to send email) to add a header that identifies the user that was responsible for sending the mail, AbuseHQ can use it’s internal email “Customer Resolver” to read that header and use the identifier provided, as the Customer ID.
Identify Where Spam is Coming From
In AbuseHQ, using both the Abusix Data Service and your outbound email filter, you’ll be able to identify your customers that are actively sending spammy messages, or are comprised by bots whether they are being successfully filtered or not.
Furthermore, a user who has both internal reports and external abuse@ reports can be actioned with confidence: these users are almost certainly sending spam.
AbuseHQ’s automation and integration features complete the circle by automatically throttling or blocking users that are compromised and help them to fix current issues before future ones occur. Click here to get started with a demo to see it in action.