Cloud-Based Spam Filtering

A spam filtering service is one of the most important cybersecurity solutions to implement to prevent malware infections, but what is the best option to choose: Cloud-based spam filtering or an appliance-based spam filter?

What is Cloud-Based Spam Filtering?

Traditionally, spam filters were physical appliances that could be installed on premises that essentially serve as a sieve through which only genuine emails can pass. The appliance is programmed with various rules that allow it to identify spam and malicious messages and delete them or direct them to a quarantine folder.

An equivalent option is now available – a software solution that acts as a virtual appliance which can be installed on existing hardware. This option performs the same role but does not require the purchase of a costly appliance.

Cloud-based spam filtering solutions perform the same functions as appliances and virtual appliances, except there are no software downloads required and no need to purchase any hardware. All filtering takes place in the cloud.

As with most software-as-a-service offerings, cloud-based spam filtering is the simplest anti-spam solution to deploy. It can be installed on demand, requires little configuration, has a low maintenance overhead, and in contrast to a physical appliance, requires little capital outlay. Licenses are purchased for the number of mailboxes that the solution is required to protect, with payment possible through instalments. This makes cloud-based spam filtering the most affordable anti-spam solution to deploy for many businesses.

How Does Cloud Email Filtering Work?

A cloud spam filter is quick and easy to implement, only requiring the mail exchange (MX) record to be changed to point to the filtering solution of the service provider. Inbound and outbound messages are then directed through the service provider’s server. Making that change takes just a couple of minutes.

Configuring the solution is also straightforward. Many cloud-based spam filters integrate with directories such as LDAP or Active Directory. That means different controls can be applied organization-wide, or for departments, groups, or individual users.

Even though the software is in the cloud, businesses have full control over their spam filtering controls. The solution can be configured through a web-based interface, which can be accessed from any location. Through the web-based interface, administrators can apply their spam filtering policies, adjust existing policies, whitelist senders, create and schedule reports, and monitor performance in real-time.

Cloud-based spam filters are ideal for managed service providers (MSPs). MSPs can offer spam filtering to their clients and set up and configure the solution remotely without the need for a site visit.

Benefits of Cloud-Based Spam Filtering

There are many benefits of using a cloud-based spam filter rather than an appliance or virtual appliance:

  • In contrast to many software-based solutions and appliances, upgrades are not required. Cloud service providers that offer spam filtering solutions are responsible for updating their software
  • Since the software and processing takes place in the cloud on the service provider’s servers, there is no impact on network performance
  • With physical and virtual appliances, there may be some restrictions on operating systems and installation can be problematic. Cloud-based spam filtering does not have these problems. There are no hardware restrictions or incompatibility issues with software or operating systems
  • Cloud spam filtering solutions are more flexible and scalable than physical appliances. Physical appliances have limited capacity. When the number of active email users increases, new appliances need to be purchased. With cloud-based spam filtering, contracts can easily be adjusted to meet the demands of the business – upwards and downwards. If a business expands, the license can be adjusted. If a business needs to downsize, it should be possible to reduce the cost and eliminate redundancy
  • It is easy to test the effectiveness of a cloud email filter and the level of maintenance required. Many service providers offer a free trial to allow prospective new customers to try the solution before they commit to a purchase

Selecting a Cloud-Based Email Filtering Service

No service provider will claim they offer a mediocre solution. All solution providers will say their spam filtering service offers first rate protection against email-based threats, has a high detection rate and low false positive rate. You should therefore look beyond the sales claims and independently verify the effectiveness of the solution before committing to a purchase. There are many independent testers and reviewers: Virus Bulletin for instance provides such as service.

While all solutions should include antivirus controls, some solutions double up on the protection by using dual AV engines. The threat from malware is greater than ever and this doubling up on AV protection can be the difference between a blocked threat and a malware infection.

All solutions offer inbound email scanning, but outbound scanning of emails is also important. Look for a solution that offers this service under the service agreement. If this is an add-on service, be sure to factor this in when performing your cost analysis.

Service providers are likely to offer discounts for long-term contracts, which can make the solution more affordable. Some solution providers offer cloud-based spam filtering under a pay-as-you-go model if you have trouble finding the money in your budget for a large upfront payment.

Take advantage of free trials to discover how easy the system is to set up, configure, and maintain. If you are certain that the solution meets your needs, you will have the confidence in the product to be able to commit to a longer-term contract. There are usually discounts applied for longer term commitments.

MSPs have many choices if they want to start offering spam filtering to their clients. Some solutions are available in a fully white labelled version with different hosting opportunities, bandwidth limits can be applied per client, and multiple clients can be managed through the same portal. Shop around to find a solution that offers all of these features.

Cloud-Based Spam Filtering FAQs

Does cloud-based spam filtering affect the speed at which emails are delivered?

Although there may be some latency due to emails travelling through an off-site filter, in most cases it is imperceptible. Any delays to the speed at which emails are delivered will more likely be attributable to the number of tests and policies applied to the cloud email filter – which would be the case whether the email filtering solution was a hardware appliance, a software virtual appliance, or cloud-based.

What tests and policies can be applied to a cloud email filter?

Most cloud email filters allow you to apply real-time block lists, recipient verification protocols, and sender policy frameworks. To minimize the volume of spam emails that avoid detection, it is recommended you select a cloud email filter with greylisting capabilities and a customizable policy engine that enables you to apply policies at a granular level.

How does greylisting minimize the volume of spam emails?

While real-time block lists prevent the delivery of spam emails from previously known sources of spam, greylisting returns all inbound emails to their originating mail server with a request for the emails to be resent. Spammers´ mail servers are typically too busy to respond to the requests and the spam emails are never returned. In this way, greylisting minimizes the volume of spam emails received from previously unknown sources.

Doesn´t the greylisting process delay the delivery of genuine emails?

It can do, but normally by no more than a few minutes. If the delay in delivery is an issue for your organization, one way to get around it is to create whitelists for approved senders so their emails bypass the greylisting process. Most cloud-based spam filtering solutions allow you to add email contacts to an approved senders list with the click of a mouse, so there is minimal management overhead in doing this.

Why would you want to filter outbound emails?

By filtering outbound emails, you reduce the likelihood outbound emails contain content that could be perceived as spam by another filter configured with high spam confidence levels, or that an attachment being sent to a third party contains malware. Outbound email filtering can also help identify compromised email accounts or privilege abuse.