How ISPs are Curtailing Outbound Abuse

For an ISP, the consequences of outbound spam can be grave. Another email provider could block them or their entire range of IPs could end up on a blacklist.

Intercepting outbound spam is, therefore, crucial for any ISP wishing to safeguard their reputation while reducing the total volume of spam circulating throughout the global email ecosystem.  More importantly, curtailing outbound spam means protecting end-users from the threat of getting their passwords stolen and their accounts compromised.  The first phase of designing a comprehensive anti-abuse initiative involves people, processes and policies. The ISP’s Anti-Abuse Department will decide on their overall approach, such as; the terms of their Acceptable Use Policy, general abuse handling procedures and management of legacy ports such as 25 (SMTP), 110 (POP), and 143 (IMAP).

Parallel to the above, the ISP deploys various anti-spam technologies such as outbound-port filters. The Three Ps; People, Policies & Procedures plus technology; all put together this sounds like an almost perfect approach, but here’s the caveat; people are not omnipresent and no one technology, like an anti-spam filter, is enough to eradicate outbound spam. Attempting to use an inbound filter to stop outbound spam also presents a number of issues. Inbound spam filters are used to detect abuse from generally unknown sources. Abuse sent from your own network, hidden within masses of legitimate email, can be difficult to detect.

Spam comes in waves and most anti-spam solutions used for detecting inbound abuse require a period of time until an attack is detected. During this time, a spammer could have already transmitted thousands of emails and cause significant damage to the ISP’s reputation.   Moreover, outbound abuse is often the start of a journey that potentially entails other forms of abuse, such as web-login attacks, fake registrations, and phishing, tying it closely to general threat assessments.

With this in mind, it’s clear that the ability to monitor outgoing spam both before and after it has left the network is vital to an Abuse Department. If you can’t catch everything the first time around, the ability to react quickly once abuse is observed becomes vital.

So how do they do that? One way is to deploy a tool that allows the ISP to fully automate the data-collection cycle necessary to detect outbound abuse and take action on it.

The characteristics of an effective monitoring tool are as follows;

  • Provide an ISP with visibility outside of their region; showing what other ISPs around the globe are seeing from their network.
  • Enable an ISP to track abuse from their customer accounts as well as from hosted servers (often for businesses) that aren’t controlled directly by the ISP.
  • Identify waves of abuse and track abuse history over time.
  • Easily integrate within existing internal customer care systems.
  • Alert the Abuse Department, in real-time, when new incidents of abuse are discovered.
  • Provide the necessary details to allow the ISP to take action to either stop the abuse or remedy the situation when a customer’s credentials have been compromised.

Return Path has created the Outbound Abuse Manager service to fulfill all of the above criteria. Outbound Abuse Manager  provides a fully automated data collection cycle with CRM integrated capabilities, and is an integral part of our Fraud Protection Services suite.  A number of renowned email providers already use it and take advantage of Return Path’s Trusted Cooperative Network, the largest messaging reputation network on earth. They benefit from data drawn from more than 80 network partners worldwide, providing with the broadest visibility into outbound email abuse.

If you’re an ISP interested in augmenting your current anti-abuse efforts with intelligence you can use, take a look at our white paper The Challenges & Limitations to Solving Outbound Abuse and contact us for more information on our Mailbox Provider services.





minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time