Skip to main content

5 Ways Your Email Spam Checker is Leaving Your Company Vulnerable

By October 21, 2015December 17th, 2020Blog

More than 375 million people fall victim to cybercrime each year, and that number only continues to grow. Luckily, there are countless email spam checkers available to help keep your organization safe—right?

Unfortunately, many businesses that fall victim to phishing, spoofing, viruses and other malicious email scams actually do have a spam checker in place; however it isn’t offering adequate protection because most solutions have several innate flaws that spammers can easily sidestep. Here, we count down five ways your spam checker may be leaving your company vulnerable:

1. It offers no SMTP defense.

If your mail server runs on an open relay, and your email spam checker offers no SMTP defense, your server is accepting mail for any recipient and forwarding it on without restraint. Open relays practically guarantee delivery of spam messages, and they’ll even retry messages that have been initially blocked. Many of today’s spam checkers offer little in the way of SMTP defense, so it’s important to look for one that makes it a priority.

2. It lets suspicious messages through.

Do employees frequently voice concerns over suspicious messages appearing in their inboxes? That’s happening because your email security solution is probably more focused on the content of each message, rather than the sender.

Your spam checker is likely missing suspicious messages because it’s ignoring several key red flags:

  • The IP address is missing a reverse DNS.
  • There is no domain name in the sender or recipient addresses.
  • The HELO/EHLO is blatantly wrong or obviously not an IP address.
  • There is no HELO/EHLO.

These would be easily noticed by technology with more sophisticated sender reputation checks and verification protocol.

3. It uses out-of-date IP address reputation lists.

Most email spam checkers that filter by both content and sender claim to compare each message against repositories of known spammers. However, many of these providers fail to regularly update their IP address reputation lists—and yet new spammers and new fraudulent IP addresses emerge every single day. If your spam checker isn’t using pattern detection technology to keep its reputation lists up-to-date, it’s probably missing emails from new spammers all the time.

4. It’s leaving your company open to spoofing.

As the threat of spoofing schemes continues to grow, many anti-spam solutions claim to keep customers safe through content filtering. However, today’s more sophisticated scam artists are crafting spoofing schemes that are very difficult to detect. That’s why it’s important to look for an email security solution that applies Sender Policy Framework (SPF) and DomainKeys Identified Mail signature checking to all inbound email, which will help to distinguish legitimate messages from spoofing attempts—even if they do come from bulk email senders.

5. It’s flagging legitimate messages to spam.

If false positives are forcing employees to frequently visit their spam folders, it’s likely that your content filtering has gone overboard. In a business environment, plenty of legitimate emails can easily be mistaken for spam when the checker is looking solely at content: the terms that a pharmacist are important to see in an email often overlap with many common spam trigger words.  That’s why it’s important to seek out an email security solution that puts an emphasis on IP address reputation and includes sender authentication. Along with sender authentication, consider an email spam checker that allows each user to create “safe sender lists.” That way, a message from someone from their email community will never end up in the spam folder again.

If you suspect your email spam checker is leaving your company vulnerable, it’s time to upgrade to a solution that handles spam in a more comprehensive way. Click here to learn more about Sendio Email Security.