Email Protection for MSPs

Due to the increasing number of cybersecurity events in which email is a factor, email protection for MSPs and their clients has never been more important. One of the best ways for MSPs to protect themselves and their clients from email-borne threats is to implement an advanced email filter with greylisting capabilities.

Security experts frequently disagree about the most common causes of data breaches (hacked credentials, misconfigurations, unpatched vulnerabilities, etc.), but there is little doubt email is often a factor before, during, or after a cybersecurity event. For example, following the Kaseya supply chain attack (which was caused by the exploitation of a vulnerability), many businesses were sent phishing emails disguised as update notifications from organizations claiming to be Kaseya partners.

There is also little doubt that MSPs are increasingly being targeted by cybercriminals. Whereas once, large enterprises were cybercriminals´ primary targets due to the large volumes of data they kept, MSPs are often seen as easier targets due to having fewer resources than large enterprises to protect themselves against cyberattacks. In addition, MSPs´ clients can maintain as much data as large enterprises and pay as much in ransoms to resolve successful ransomware attacks.

For these reasons, email protection for MSPs should be the top consideration – yet it is not. Many MSPs are using email services such as Office 365 that rely on signature-based processes to authenticate emails (i.e., DKIM). However, as a Black Hat Briefing in 2020 demonstrated, it is not difficult for a determined cybercriminal to bypass email sender authentication processes – reducing the effectiveness of these defense mechanisms in the battle against email-borne threats.

How Greylisting Enhances Email Protection for MSPs

Mail servers with email filters tend to have multiple filtering processes. When an email is received, front-end tests authenticate the sender, verify the email is addressed to a genuine recipient, and check the source of the email against blocklists of known spam servers. Thereafter the content of the email and any attachments are checked against filtering policies, and both the email and any attachments are virus scanned before the email is delivered into the recipient´s inbox.

When an email filter has greylisting capabilities, the mail server returns any emails from non-whitelisted sources to the originating server before any front end or back end checks are run. The returned emails are accompanied by a request for the originating server to resend the emails – which usually happens within a couple of minutes. The greylisting capability recognizes the returned emails and allows them through to be processed by the other front end and back end checks.

Spammers´ mail servers rarely have mail retry capabilities because so many spam emails are returned – not only due to greylisting, but also because of invalid recipients and matches with blocklists. Potentially, a spammer´s mail retry queue could fill up very quickly and prevent fresh spam from being sent out. Consequently, greylisted emails are rarely returned by spammers´ mail servers – reducing the amount of spam and email borne threats delivered to users´ inboxes.

Options for MSP Email Filters with Greylisting Capabilities

Despite tests indicating that email filters with greylisting capabilities can increase spam detection rates from 99% to 99.97%, not all MSP email filters have greylisting capabilities. Among those that do enhance email protection for MSPs, SpamTitan is a leading contender due to the possibility of hosting the email filter on-premises, in a private cloud, or in the public cloud. It is also possible to integrate SpamTitan with existing email filters to take advantage of its greylisting capabilities.

When implementing SpamTitan as standalone email protection for MSPs, the scalable email filtering solution can support an unlimited number of users and domains, with the option for clients to create per domain administrators for applying unique, business-specific filtering policies. MSPs can also configure SpamTitan to produce per domain reporting, while other benefits of SpamTitan include:

  • Intuitive and easy to set up, configure, and populate.
  • Includes six specialist Real-time Blocklists (RBLs).
  • Apply granular filtering policies per user, department, or domain.
  • Provides Zero-Day malware threat protection and intelligence.
  • AI-driven anti-phishing prevention with URL disclosure.
  • Dual antivirus engines protect against 100% of known malware.
  • Sandboxing allows in-depth analysis of suspicious attachments.
  • Full outbound email scanning to prevent reputational loss.
  • Straightforward integration into existing management solutions.
  • Available as a white label software solution for MSP branding.
  • Flexible Pricing Model: SpamTitan’s pricing model gives the flexibility MSPs need to deal with changing numbers of seats. Monthly billing options are also available.

To find out more about how SpamTitan enhances email protection for MSPs and clients, or how SpamTitan can help you generate a regular, recurring income from your clients, visit spamtitan.com today.

Twitter Facebook LinkedIn Reddit Link copied to clipboard

Posted by

Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news