Death rates were going down, and life spans were increasing, decades before antibiotics were invented. Doctors may not have been doing a much better job, but civil engineers were, because municipal water systems were delivering safe drinking water.
A similar situation faces users of Office 365 Exchange spam filters. The “doctors” (the people behind the spam filters) are working hard, but they are still doing the same old thing. While Office 365 offers many advantages in terms of simplified management, users might seriously consider changing spam filters to one built by the modern “civil engineers” in our analogy. Here are four reasons why:
1. Spam Still Gets Through
Exchange relies on conventional techniques, specifically spam, malware, and connection filters. Spam and malware filters examine the contents of incoming messages for the signature features of spam (junk email) and malware (viruses and spyware.) Connection filters can block email from specific IP addresses (or geographic regions, or in specific languages) based on manual input, or based on input from monitoring services. Both kinds of filters can be updated several times a day.
Spammers are well aware of these techniques and spend enormous effort circumventing them. Consequently, these filters can only stay one step ahead of spammers—and there will be moments when spammers do get a step ahead of the filters.
2. Phishing Is Invisible
Phishing is the use of targeted spam to defraud the recipients. Typically, phishing relies on messages that display detailed information about the recipient’s organization, so the recipient will assume the message is legitimate. The most carefully crafted messages are spear phishing and have been known to convince accountants to send large sums to total strangers at the behest of traveling bosses—even though the mail did not come from the boss’ usual email address.
Office 365 Exchange has no phishing filter, and relies on general filtering for that purpose. If phishing email gets through, the first line of defense is the security training (or common sense) of the recipients. However, this has proven fallible enough to keep phishing spammers in business.
3. Clumsy Interface
Initially, the administrator has to manually compose a white list of IP addresses from which mail is allowed through, and a black list of IP addresses from which mail is blocked.
If an incoming message is blocked because the sender is on a black list, the recipient receives no notification, leading to the possibility of unlimited false positives, which typically reflects poorly on IT when important mail goes amiss.
4. Newsletters & Marketing Email: A Gray Area
Newsletters, sales offers, and marketing email may not have fraudulent content or carry infections, but they are frequently time-wasting nuisances. If they are from an IP address with a good reputation, and if their content is not suspicious, they can pass both the spam and connection filters of Office 365 Exchange and cause email overload.
On the other hand, if this type of email doesn’t pass through filters, can also be a problem since people in the enterprise may want to see this email, just not in a mix of important email.
With all of this in mind, it is not to say that relying on built-in spam and security of Office 365 Exchange is not vastly better than having no protection at all. Unfortunately, its reliance on filtering means it does not use more sophisticated methods that ensure the most efficient and secure inbox possible. These methods, of course, correspond to the modern civil engineering in our analogy—you shouldn’t have to filter your tap water.
These methods are available through Sendio. By controlling the source of email, through techniques like a Sender Verification Process and Silverlisting™, email from total strangers cannot even arrive, much less be acted on. You can request a demo to see just how effective it can be in keeping your organization safe.
