Spam filtering has evolved from the days when a spam filtering service would simply scan the content of an incoming message for keywords that spammers commonly used. However, this method was quickly beat by spammers using images or substituting numbers and symbols for letters in those known keywords. Over time, Bayesian filtering allowed spam filtering services the ability to look for elements that identified an email as possible spam and give that message a score. If that score is above the threshold set, the email is considered spam. While this method did help thwart spammers using less sophisticated techniques, it also increased the numbers of false positives so legitimate emails were not being delivered as a result.
A truly effective spam filtering service that can not only identify spam but also reduce false positives consists of:
- Message scanning
- Anti-spoofing technologies
- Greylisting
- Reliance on the end-user
- A management console that it easy to use
By incorporating these elements, you have the ability to take back the inbox from the deluge of illegitimate emails your organization receives.
1. Message Scanning
There are still spammers who don’t understand that poorly written email messages laden with spammy keywords are ineffective because any good spam filtering service is going to use content filtering as a way to block out the noise. Messages are scanned for these low-level spam techniques and quickly identified and dealt with so that email security can deal with more sophisticated threats.
A good email filtering service also needs to scan incoming messages for malware using virus definitions and signature files that are up to date. This way, the most recent, zero-day threats are identified and kept out of the end-users’ inboxes.
2. Protection Against Spoofing
On of the most dangerous threats to your organization is when the attacker spoofs their email address to look like a legitimate sender. Three tools are commonly used to identify spoofed sender addresses:
- SPF (Sender Policy Frameworks) is a technology that allows mail servers to publish the IP addresses that are authorized to send emails using their domain.
- DKIM (DomainKeys Identified Mail) relies on a digital signature to verify the identity of the sender.
- DMARC (Domain-Based Message Authentication, Reporting and Conformance) leverages SPF and DKIM but also allows domain owners to publish policies for how to deal with DKIM and SPF failures.
The problem with many email filtering services is that they rely on either SPF or DKIM, and they don’t always make sure of the inbound and outbound protections offered by these technologies. Effective email security tools will leverage a combination of all three to fully protect their systems.
3. Greylisting
Since spammers send hundreds of thousands of email messages, if a message delivery fails, the mail server just moves onto the next address without concern. Legitimate mail servers will see that a message delivery failed and resend that message.
Greylisting uses this challenge/response methodology to identify spam by holding back email messages for a short period of time. If the message is resent, then the security system is more confident that the sender is legitimate.
4. Incorporation of the End User
One of the biggest problems users have with email filtering services is that they identify legitimate, important emails as spam. By leveraging the end-user’s known email contacts and contact information from other enterprise tools, the most effective services reduce false positives so legitimate emails make it to their intended recipient.
5. Easy Management
When email security is too hard to manage there is a greater likelihood that more spam will make its way through to the inbox and more legitimate emails will be flagged as spam. Management consoles need to make sense to the email security administrator, but also need to be accessible via a web-based console and allow for granular management so that you can set controls at both the domain and user level.
Sendio’s combination of these elements makes it a best-in-class email filtering service that, “just works” according to its customers. By leveraging its Silverlisting challenge/response technology along with its communities feature, spam is stopped while important emails from legitimate senders are delivered without issue.
Request a demo to see how your company will benefit from the technologies Sendio brings to the table when it comes to email security.