Spam Filtering for Business

Consumers are offered anti-spam controls from email service providers, although spam filtering for business requires a dedicated anti-spam solution. The spam filters used by the likes of Microsoft and Google are effective at blocking mass emails, but businesses are subject to much more sophisticated email-based attacks. To protect against malware, ransomware and phishing, a dedicated, third party anti-spam solution should be deployed.

Why is Spam Filtering for Businesses Essential?

Spam is a productivity-draining nuisance. Employees can waste a considerable amount of time dealing with unsolicited and unwanted emails. Even five minutes a day spent dealing with spam emails means major productivity losses for employers. Five minutes lost each day by 100 employees adds up to a full eight hours. Multiply that by 250 working days a year and over the course of 12 months more than 52 weeks of work will be lost. One recent study calculated the cost of managing spam emails to be $285 per employee per year, once associated IT costs are taken into account.

The productivity losses are minor compared to the losses that can be caused through phishing attacks, malware infections, and ransomware attacks. If these threats are not blocked, businesses can suffer catastrophic losses. Data breaches and ransomware attacks can result in losses of millions of dollars.

Without effective spam filtering, high numbers of malicious messages will be delivered to end users. All it takes is for one employee to respond to a single malicious email and divulge their credentials or install malware or ransomware for a costly data breach to result. The average cost of mitigating a data breach is now $3.6 million, according to a study conducted by the Ponemon Institute.

Options for Spam Filtering for Business

There are three categories of solution that provide spam filtering for business email accounts: Hardware-based spam filters, software-based spam filters, and cloud-based spam filters.

Hardware-based solutions involve the purchase of a dedicated spam filtering appliance that is housed on-site. All email traffic passes through the appliance. The appliance will have limited capacity and must be chosen based on the number of domains and active email users.

Software-based spam filtering for business use is deployed as a virtual appliance. This option should not require the purchase of any additional hardware – It can be installed on an existing machine.

Cloud-based solutions offer the same features as physical and virtual appliances, without the need to purchase any hardware or install any software. All spam filtering takes place in the cloud.

The first two options sit between the organization’s firewall and mail server on premises and all email traffic passes through these gateways. With a cloud -based solution, the mail exchange (MX) record is pointed to the service provider’s public or private cloud. Public cloud deployments are best suited for SMBs, while large enterprises and Managed Service Providers (MSPs) are usually better suited to a private cloud deployment – one that is not shared with any other business. A hybrid solution may also be possible, which will reduce the volume of messages arriving at the company’s mail server, easing the strain on its existing anti-spam solution.

How Does Spam Filtering for Business Work?

Spam filters use a variety of methods for separating spam and malicious messages from genuine email communications. Advanced spam filtering for business and MSP use typically blocks more than 99% of spam emails and 100% of messages containing known malware. So how is that achieved?

Each solution will use a combination of controls to distinguish between genuine messages and spam and malicious emails. These controls include:

Real-Time Block Lists

Real-time block lists contain IP addresses and domains that have previously been used to send spam or malicious messages. The sender of an email is checked against these blacklists to determine whether the message has been sent from an IP address with a poor reputation. If the reputation of the IP address is bad, the message will not be delivered.

Sender Policy Framework

A method used to determine whether a message has been sent from a host authorized by the administrator of a domain. This method of spam filtering for business email accounts is important for preventing the delivery of spoofed messages.

Recipient Verification

Verification that the intended recipient of an email is genuine. This control prevents speculative emails sent to invalid mailboxes from being delivered.

Message Content Analysis

Analysis of message headers and email content for common signatures of spam. Advanced solutions use Bayesian analysis techniques to assess the likelihood of an email being genuine or spam. Each message is assigned a score which is used to determine the actions that are taken – delivery, quarantine, deletion, or greylisting.

Greylisting

Greylisting is the term used for the rejection of suspicious emails with a request for the message to be resent. The delay in the request being processed is a good measure of whether the message was sent from a spammer’s mail server. Spammers mail servers are usually too busy to process these requests.

Malware Scanning

Use of single or multiple antivirus engines to scan email attachments for signatures of known malware.

SURBL/URIBL filtering

Analysis of hyperlinks contained in the message body to determine whether they are malicious or have been used in past spamming campaigns.

Things to Consider When Choosing the Spam Filtering for Business Use

There are many different anti-spam solutions available and they are not all created equal. Spam filtering is not only about stopping productivity draining emails from being delivered. A solution should offer excellent protection from all email-based threats, scan inbound and outbound messages, be easy to use, scalable, and flexible.

When choosing a suitable anti-spam solution, consider the following:

  • Deployment options – There are multiple deployment options available – Cloud-based spam filtering for business use is the easiest to deploy, although software-based solutions may be a better match for your organization. Research all options available and their relative merits.
  • Ease of Use – Consider the amount of time your IT department will have to spend managing the solution, performing upgrades, and tweaking controls and factor this in to the overall cost.
  • Spam detection rate – Spam filtering for business should ensure that more than 99.5% of spam emails are blocked. Choose a solution with a high – and verifiable – detection rate.
  • False positive rate – Detection rates may be high, but false positives can cause many headaches. Look for a solution with a verifiable false positive rate well under 0.05%.
  • Granularity of controls – The more granular the controls, the easier it will be to tailor the solution to meet the needs of the business. Does the solution allow you to set different controls for departments, groups, and individuals?
  • Antivirus protection – Spam filtering for business email accounts requires a powerful AV engine. Dual antivirus engines provide greater protection from email-based threats.
  • Malicious URL blocking – Does the solution examine embedded hyperlinks to determine whether they are malicious or have been used in past spamming campaigns?
  • Outbound email scanning – Does the solution only scan inbound messages? Outbound filtering can prevent your domains from being blacklisted and stop compromised accounts from sending malicious messages to your customers and suppliers.
  • Mail continuity service – Is there an email continuity service that will ensure your messages are filtered and delivered in the event of server downtime?
  • Flexibility and scalability – Will you be tied into an inflexible contract? What happens if you expand or downsize? Will you be able to scale up the solution easily or reduce the cost if you are forced to lay off staff?
  • Cost and affordability –Different payment options are available. Discounts can be obtained for longer contracts and pay-as-you go plans are possible with some providers. The highest cost solution is not necessarily the best.
  • Take advantage of free trials – A free trial of spam filtering for business may be available. Try before you buy to discover firsthand how easy the solution is to use and how effective it is at blocking spam and malicious messages.