A spam filtering service is used by businesses for blocking spam email and preventing email-based threats from being delivered to inboxes. Spam filtering was traditionally provided by an on-premises appliance, through which all emails were routed. A spam filtering service is a software-as-service (SaaS) solution that performs the same functions as an appliance, but the filtering generally takes place in the cloud.
A cloud-based spam filter offers several advantages over on-premises solutions. First, these anti-spam solutions are easy to implement and require no dedicated on-premises hardware or the use of existing hardware, as all filtering takes place in the cloud. The hardware on which the service is run is maintained by the service provider, and the software does not need to be patched, as all updates are handled by the service provider. Whenever new features are added or vulnerabilities are fixed, they are automatically applied with no customer action required. Setting up the service is as simple as making a change to your MX record to point to the service provider. You can then access your user interface via a web browser to apply your policies and change the settings.
Why do I Need a Spam Filtering Service?
Email is one of the most common vectors used in cyberattacks, and is the main way that malware is distributed. Without a spam filtering service or other anti-spam solution, you will be incredibly exposed to email-based cyberattacks. Many businesses now use hosted email services such as Gmail or Office 365, which do incorporate basic spam filters. The problem is that they are basic. They perform well at blocking spam email and known malware, but they are much less effective at blocking more sophisticated email-based attacks. They are reliant on signature-based detection methods for identifying malware, so do not block novel or highly obfuscated malware threats and will not block sophisticated phishing attempts.
This is why Microsoft provides Advanced Threat Protection (APT) as an add-on service for improving threat protection. The standard Exchange Online Protection (EOP) that is included with all Office 365 licenses does not do a good enough job at protecting against more advanced attack methods. Even SMBs that are targeted less often by cybercriminals than enterprises often find that they get an unacceptable number of malicious emails in their inboxes with just EOP to protect them.
A third-party spam filtering service should augment, not replace, the protections provided by an email service provider. It adds an extra layer of protection on top of those provided by the email service provider and will ensure that more advanced threats are blocked and are not delivered to inboxes.
Important Features of a Spam Filtering Service
There are several important features of a spam filtering service that will ensure that malicious and spam emails are identified and blocked, without blocking genuine emails. The solution should perform scans of the message headers and message content to look for the common signs of spam and phishing. Look for a solution that incorporates AI or machine learning mechanisms, as they are capable of predicting new threats, rather than just blocking previously identified threats. These mechanisms are able to learn from the genuine emails that are received and can identify when emails differ from the norm and will see the solution improve over time.
Email impersonation is common in phishing attacks and makes it difficult for end users to distinguish between genuine emails and phishing emails. Look for a spam filtering service that incorporates SPF, DKIM, and DMARC. These protocols are used to verify the senders of emails and ensure they are authorized to send messages from a particular domain.
Most spam filters, especially the basic filters provided with hosted email services, use signature-based detection methods for identifying malware, typically relying on antivirus engines for identifying malware. Look for a spam filtering solution that uses sandboxing. When an email attachment passes inspection using the antivirus software, it is sent to the sandbox where the behavior of the file is analyzed. This allows novel malware variants to also be identified and blocked.
Outbound filtering is also important. If an email account is compromised, it may be used to distribute malware or send phishing emails internally or to customers and business partners. Outbound filtering can identify these malicious messages and is important for protecting the reputation of the company and preventing internal attacks on other employees. Outbound filtering is also used for data loss prevention and can be used to block emails from being sent that contain sensitive or restricted data.
For ease of administration, ensure that your spam filter integrates with your directory service – AD or LDAP – as this will allow you to easily apply different filtering settings for individuals, user groups, departments, or different offices.
How Much Do Spam Filtering Services Cost?
The cost of these spam filtering services varies from provider to provider, but it is possible to significantly improve detection of spam and malicious emails without having find much room in your current IT budget. Generally, these services start at around $1.30 per user, per month. If you have 100 employees to protect, that does mean a cost of $1,560 per year, but that cost will be considerably less than the productivity loss from spam and dealing with malicious emails in inboxes.
Photo Credit: RerF / stock.adobe.com