Spam Filtering Service

All businesses should use a spam filtering service, the cost of which is likely to be recovered from the productivity gains that can be achieved by using these solutions.

Spam email is a drain of productivity and while spam email volume has been in decline since 2014 when more than 70% of email volume was spam, spam email volume is still significant. According to Statista, 45.37% of all email sent in December 2021 were spam and in 2021, more than 319 billion spam emails were sent and received on a daily basis. The cost to businesses of dealing with spam email is considerable. If every employee spends 5 minutes a day dealing with spam email, for an average of 260 working days a year, that is over 21 hours per employee per year that is wasted.

Of course, not all unwanted email is benign. Spam emails contain some very serious threats. Phishing emails are sent that trick employees into disclosing sensitive information such as their login credentials, and most malware infections occur via email. Email is also used in business email compromise scams – the costliest form of cybercrime. A spam filtering service will block the majority of these threats and will prevent costly data breaches and extortion attempts using ransomware. In terms of the productivity gains alone the investment in a spam filtering service would be worth it. These solutions typically start from around $15, per user, per year.

Why Your Standard Email Server Spam Filter is Not Enough

If you use Office 365 or Gmail for your business email, you will already have some protection from spam and malicious emails. Office 365, for instance, includes Exchange Online Protection (EOP), Microsoft’s basic spam filter. These spam filtering services will block a reasonable amount of spam email, and most also include anti-virus protection that will block known malware variants. The problem is that the protection provided is largely one-dimensional and these solutions will only identify and block obvious threats.

These basic services do not provide layered protection against threats, they fail to block many phishing emails, and cannot detect unknown malware. Bear in mind that only around half of malicious code has a signature that can be detected by antivirus solutions. This is why even Microsoft accepts that the protection provided is basic, and offers a second package that provides layered protection, which is available at a premium.

To eliminate sophisticated threats such as phishing, spear phishing, and advanced malware, you should choose a spam filtering service that provides layered protection, and one that can be layered on top of your basic spam filters provided by your email service provider. Phishing attacks have become more sophisticated and continue to increase in volume, ransomware attacks have increased sharply with detections doubling in Q1, 2022, and malware attacks – which have been in decline –increased for the first time in 3 years in 2022, according to SonicWall.

Key Features of a Spam Filtering Service

There is a clear need for an advanced spam filtering service but what features should you look for? We have listed some of the most important features and capabilities of a spam filtering service to help you choose a product that will be capable of blocking sophisticated threats.

Spam Email Protection

Spam email is a nuisance and productivity drain, and while a spam filtering service will naturally block spam email, it is important to choose a solution that has a high detection rate. An advanced spam filtering service will block in excess of 99.9% of spam emails. You should also check the false positive rate – the number of emails that are misclassified as spam and are sent to the junk email or quarantine folder. A low false positive rate is important, as time will be wasted searching the spam email folder for genuine messages and the spam email folder will certainly contain dangerous threats. Spam filters perform a range of front-end tests of message headers and use blacklists of known malicious IP addresses to block messages, but also consider a solution with greylisting, as this will greatly improve detection rates.

Malware Protection

A spam filtering service will have an antivirus engine for detecting malware threats. The AV engine will detect all threats for which a signature is present in the AV engine. A solution with dual antivirus engines provides greater protection, but you should also look for a solution with sandboxing for detecting zero-day malware threats. File attachments are sent to the sandbox for analysis of their behavior, which can identify command and control center callbacks and other malicious actions such as reconnaissance and fingerprinting.

Phishing Protection

Phishing is the number one cyber threat faced by businesses. While a spam filtering service will be able to detect obvious phishing attempts, phishing has become sophisticated. To detect sophisticated phishing attempts, advanced capabilities are required. Bayesian analysis is an important feature for detecting phishing emails. Emails are analyzed for the common signatures of phishing, with the Bayesian analysis determining whether emails deviate from the norm, and therefore, the likelihood of them being spam or phishing emails. Heuristics are also important for detecting suspicious properties of emails. Machine learning capabilities will also see a spam filtering service get better over time.

Data Loss Prevention

One often overlooked aspect of spam filtering is outbound filtering. Spam filters will scan all inbound mail, but outbound filtering is important for detecting insider threats, errors by employees, and compromised mailboxes that are being used for spamming, phishing, and malware distribution. If your IP addresses are identified by other spam filters as sending spam, phishing, or malware-laced emails, your IP addresses will be blacklisted and your emails will not be delivered. A spam filter with outbound filtering and data loss prevention capabilities will identify and block outbound malicious messages and can be used to identify sensitive data types in emails and block the messages.

What is the Best Spam Filtering Service?

No solution will be perfect for all businesses, as each business has its own requirements. Most businesses now choose a SaaS solution for email filtering that is provided as a cloud-based service. With a cloud-based spam filter service, there will be no hardware purchases required, software downloads will not be necessary, the software in the cloud will be updated by the service provider, and the service provider will ensure constant availability. This is usually the most cost-effective choice, although if you have an on-premises email server you may benefit more from a gateway software solution. These are often provided as a virtual machine for use on existing hardware.

Important aspects to consider in addition to the above capabilities are ease of installation, use, and maintenance, as the time that needs to be invested in some spam filtering solutions can be considerable. Be sure to check independent review sites to get an idea of what the solutions are like to use – G2, Expert Insights, Google Reviews, Caparra, Spiceworks for example – and take advantage of any free trials offered to test the products out for yourself before committing to a purchase.