
Email Security Best Practices that Stop Spam Dead in its Tracks

By November 27, 2015 | June 17th, 2017 | Blog

Among the world’s 4 billion email addresses, a staggering 109 billion emails are sent and received each day. In this flood of email activity, spam messages are a constant threat to your organization as a whole and to your individual users. And even if spammers don’t successfully steal user data or compromise your network, these messages are still significantly restricting bandwidth and potentially causing network instability.

As an IT expert, you are most likely the one responsible for making sure that your users know how to avoid spam, and what to do when it makes its way into their inbox. There are several steps that each user can take to prevent spam; meanwhile, your department can institute several important measures to safeguard the company as a whole. Here, we share the top email security best practices for you to share with your users (and several to implement yourself) in order to stop spam dead in its tracks:

1. Immediately delete unsolicited email

At your organization, each user should know to avoid unsolicited email like the plague. Even if it looks innocent, it could be harboring sophisticated spamming techniques. Instead, have them immediately delete any unsolicited email and then block the sender.

2. Protect user email addresses

Spammers can only get to a user if they have his or her email address, so tell your coworkers to be very selective when it comes to sharing it online. They should avoid posting it to public websites, and only submit it to organizations that they trust, such as their financial institution. This will help ensure that their email addresses aren’t made available on marketing and spam lists, which will significantly cut down on the number of bulk emails received.

3. Resist the urge to forward

Inform your users that forwarding bulk emails can be dangerous in multiple ways. First, if any part of the email or attachment is compromised, forwarding exposes additional users to the threat. In addition, forwarding passes along that user’s email address, and the address of everyone else on the message, with no way of knowing where it might end up.

4. Use a more intelligent whitelist technique

Traditional whitelisting techniques don’t cut it anymore, since phishing and spear-phishing attempts and malicious emails can originate from a “trusted” user. So seek out an email security solution that takes whitelisting a step further to take these dangers into account.

A smarter way to whitelist includes IP address tracking for all email senders, so that any message coming in from a new sender is automatically deferred during the SMTP transaction. Legitimate senders will retry the message, while spammers will skip this step. The message then goes through the system’s other security layers, and messages from that new sender are considered approved for the next 30 days, after which another digital “handshake” is initiated.
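The defer-and-retry handshake described above can be sketched as follows. This is an added example, not code from the article or from any vendor's product. It assumes the tracking key is the sender IP plus envelope address, that a deferral is signalled with SMTP reply code 451, and that a retry only counts after a minimum delay; only the 30-day approval window comes from the article.

```python
from datetime import datetime, timedelta

APPROVAL_TTL = timedelta(days=30)       # from the article: approved for the next 30 days
MIN_RETRY_DELAY = timedelta(minutes=5)  # assumption: not stated in the article
PENDING_TTL = timedelta(hours=24)       # assumption: how long a deferral waits for a retry

class Greylist:
    """Tracks (sender IP, envelope sender) pairs and picks the SMTP reply."""

    def __init__(self):
        self.pending = {}   # key -> time of the first deferred attempt
        self.approved = {}  # key -> time the approval expires

    def check(self, ip, sender, now):
        key = (ip, sender.lower())
        expires = self.approved.get(key)
        if expires is not None:
            if now < expires:
                return 250, "OK (approved sender)"
            del self.approved[key]      # approval lapsed: a new handshake is required
        first_seen = self.pending.get(key)
        if first_seen is None or now - first_seen > PENDING_TTL:
            self.pending[key] = now     # first contact (or stale entry): defer
            return 451, "Greylisted, please retry later"
        if now - first_seen < MIN_RETRY_DELAY:
            return 451, "Greylisted, retry too soon"
        del self.pending[key]           # proper retry: behaves like a queueing mail server
        self.approved[key] = now + APPROVAL_TTL
        return 250, "OK (retry accepted)"

def replay(events):
    """Run (ip, sender, time) events through a fresh greylist; return reply codes."""
    gl = Greylist()
    return [gl.check(ip, sender, when)[0] for ip, sender, when in events]

# Constructed sample traffic (documentation IP ranges and example.* domains).
T0 = datetime(2015, 11, 27, 9, 0)
SAMPLE = [
    ("192.0.2.10", "alice@example.org", T0),                          # new sender: deferred
    ("192.0.2.10", "alice@example.org", T0 + timedelta(seconds=30)),  # too soon: deferred
    ("192.0.2.10", "alice@example.org", T0 + timedelta(minutes=15)),  # retry: accepted
    ("192.0.2.10", "alice@example.org", T0 + timedelta(days=10)),     # inside 30-day window
    ("192.0.2.10", "alice@example.org", T0 + timedelta(days=46)),     # approval lapsed
    ("203.0.113.7", "promo@example.net", T0),                         # never retries
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

An accepted reply here only means the message passed the handshake; as the article notes, it still has to go through the other security layers.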

5. Monitor for suspicious IP addresses

Get more proactive with your email security by monitoring for known spammers through IP address reputation checks. Seek out a solution that gathers a list of confirmed bad email senders that is updated in real-time, 24 hours a day.

Rather than simply filtering out spam based on the content of a message, which can be ineffective in a business environment, opt for an email security provider that uses email pattern detection technology to find suspicious IP addresses, and to check message recipients and the structure of the messages themselves for common spamming behavior.

These email security best practices can be helpful in cutting down on the amount of spam, as well as protecting your users from malicious messages. To safeguard your organization with layers of intelligent email security, learn more about Sendio’s Email Security Gateway™ and Opt-Inbox™.