CEPL connects its OpenLDAP directory to the SaaS antispam filtering service: e-securemail
Integrating the OpenLDAP directory makes anti-spam management a lot easier. It also allows CEPL to connect to the filtering service several messaging servers.
Overview
CEPL is European leader in detailed picking and employs 2,700 people in 30 sites all over Europe. Its messaging system was shared between different sites and was confronted with significant amount of spams.
Messaging system is essential to CEPL core activity; currently two Postfix servers based in two different countries are managing the group’s mailboxes (1,000). CEPL was looking for an efficient anti-spam that could be perfectly integrated into the messaging servers and the OpenLDAP directory.
The existing system
Only one domain name is used for all the European sites. However, mailboxes are hosted by two servers. An anti-spam appliance was relaying all the email flow towards one server. This server would then send messages, which were not addressed to it, to the second server.
The challenge
The growing activity of CEPL in recent years has dramatically increased the email flow. As a result, the first server that was also used as SMTP relay was suffering from excessive load.
Spam would damage twice the CEPL messaging system:
- Most of the first server bandwidth was dedicated to relaying emails;
- Automatic relaying of 50% of the emails was slowing the Postfix server down.
IT Director of CEPL decided to take measures. He considered the different ways of reducing load on the infrastructure and increasing security. "An internal solution would have been too time-consuming; this is why we looked for outsourced services" says François Moreau, network and system administrator.
The solution
The MX records of the domain name have been set up to route every email to Secuserve’s datacenters.
The software connector LDAP/Active Directory that allows synchronization with the directory has been a key factor in the decision to choose e-securemail. "e-securemail has an intuitive administration console. However, what we were really looking for was a way of synchronizing several components to manage the 3,000 addresses of the domain (mailboxes, aliases and mailing lists) automatically" explains François Moreau.
This SSL secured link with OpenLDAP connects several components and allows:
- Automatic registration to quarantine box (also possible with the users’ different aliases);
- Setting up of a load balancer for outgoing emails.
One of the directory attributes allows e-securemail to know what server is hosting the email account. As a result, every email is first received by e-securemail and then routed toward the appropriate server.
The outcome
Besides making messaging system management easier, setting up the new system allowed CEPL to stop using the first server as a SMTP relay and, thus, to dramatically reduce its use. Service continuity is excellent and outsourcing the service has reduced bandwidth usage while improving filtering quality.
Eric Roland, Sales Director of Secuserve, explains: “We have been providing SaaS email security and collaborative messaging services since 2003. Requirements in terms of achievements and protection are more and more stringent; throughout the years Secuserve’s research lab has perfectly been able to adapt to the new methods used by spammers. We keep on offering high value-added services. In addition, we have gained a lot of experience regarding assistance and adaptation of our services to our customers’ specific needs; customers that keep being bigger and more demanding. And this is where we clearly make the difference with our competitors. The CEPL case is a perfect example of Secuserve know-how”