Email Filter for an Exchange Server

Implementing an email filter for an Exchange Server is one of the most proactive steps an organization can take in order to prevent unwanted spam, increase protection against email-borne threats, and ensure email continuity during downtime.

Although Exchange Servers provide a degree of email filtering by default, the software provided lacks the key tools to enable the detection of sophisticated spam and malware. An email filter for an Exchange Server resolves this issue with real-time spam detection and powerful anti-virus software.

Exchange Server email filters also provide email continuity. This can be critical for an organization in the event of downtime during an outage, hardware failure or natural disaster – allowing communication to continue, and preventing loss of business and loss of credibility.

How Exchange Server Email Filters Work

Exchange Server email filters use multi-layered security mechanisms to assign each inbound email a spam confidence level. Each email is checked against a blacklist of IP addresses from which spam email has originated in the past and analyzed for compliance with sender policy frameworks.

If an email exceeds a specified spam confidence rating it is tagged and either sent to the intended recipient tagged as spam, quarantined, or deleted. The filter then produces a report of all tagged/quarantined/deleted emails so that genuine emails can be reinstated and their senders added to a whitelist.

An email filter for an Exchange Server also scans outbound emails to check for any content or attachment that could be flagged as spam by a global blacklisting agency. This prevents an organization´s IP address being included in a blacklist, with a subsequent delay in the delivery of emails sent by the organization until the issue is resolved.

How to Evaluate an Email Filter for an Exchange Server

In order to evaluate an email filter for an Exchange Server, you need to start by comparing it against the premium service offered by Microsoft – “Exchange Online Protection” (EOP). EOP replaced the company´s “Forefront Protection for Exchange” when Exchange 2013 was released; but unlike its predecessor, EOP is only available as a cloud-based service.

There are several known issues with EOP. EOP lacks real-time dynamic link following, “sandboxing” and “greylisting” – an essential function to detect spam emails. The premium service has also been criticized for having a high maintenance overhead – smaller organizations preferring usability over complex customization options.

Although all third party Exchange Server email filters offer email continuity, they vary in their ability to prevent unwanted spam and increase protection against online threats. Consequently, when evaluating an email filter for an Exchange Server, organizations have multiple considerations to take into account. These include:

  • What deployment options are available?
  • How is the spam detection rate verified?
  • What anti-virus software is used to identify email threats?
  • Are there any known compatibility issues?
  • Is the email filter for an Exchange Server scalable?
  • Does the service provider have knowledgeable and reliable customer support?
  • Can the service provider supply independent testimonials?

Depending on the size of your organization and the nature of its business you may have more considerations. For example, organizations with a limited IT budget may demand flexible payment options. Larger organizations may want APIs to integrate the email filter with other management tools, while Managed Service Providers may require deployment in a private cloud and a white label option.

SpamTitan´s Exchange Server Email Filters

SpamTitan has been developing  email and web security solutions since 1999. Among our portfolio of products are two powerful Exchange Server email filters – SpamTitan Gateway and SpamTitan Cloud. SpamTitan Gateway is deployed as an on-premise virtual appliance, whereas SpamTitan Cloud is a cloud-based service with multiple hosting options.

Both Exchange Server email filters block 99.97% of spam and have a low false positive rating of 0.03% according to the leading independent testing and certification body VB Bulletin. Both SpamTitan Gateway and SpamTitan Cloud use dual anti-virus software from Bitdefender and Clam AV to increase protection against email borne malware, and both are universally compatible.

Small organizations, larger organizations, and Managed Service Providers will appreciate SpamTitan´s scalability, while detail of our flexible payment options, our comprehensive range of APIs and our white label options are available on request from our industry-leading customer support team. Independent testimonials from our existing database of customers are also available on request.

Try an Email Filter for an Exchange Server for Free

We believe that the best way to evaluate an email filter for an Exchange Server is to give it a test run in your own environment. Consequently we are offering organizations the opportunity to try a fully-enabled SpamTitan Gateway email filter or SpamTitan Cloud free for fourteen days with no commitment to continue with the service once the trial period is over.

Contact our customer service team to find out more about this offer or to raise any questions you may have about Exchange Server email filtering. One of our friendly and experienced team will guide you through the installation and configuration process of your email filter for an Exchange Server in order to prevent unwanted spam, increase your protection against online threats, and ensure email continuity during downtime.

How Does SpamTitan’s Spam Filtering Work?

Microsoft Exchange security can be significantly improved with the addition of a third-party spam filter such as SpamTitan. In contrast to Microsoft Exchange and Office 365, SpamTitan uses predictive methods to block new variants of malware, zero-day attacks, and spear phishing attempts that would otherwise be delivered to end users’ inboxes.

How SpamTitan Spam Filtering Works

Like most email service providers, Microsoft has developed its own spam detection mechanisms which will block a percentage of spam emails and malicious messages; but Exchange Online Protection and the antispam controls in Office 365 lack the sophistication to block new variants of malware and are ineffective at blocking many malicious messages that use embedded hyperlinks. The latter are extensively used in phishing attacks.

Organizations that rely on the cybersecurity protections of Microsoft Exchange or Office 365 are often frustrated by the volume of spam emails and malicious messages that sneak past the filtering mechanisms. Office 365 phishing protection is better than nothing, but it simply does not block enough threats. That is why Microsoft offers a more advanced solution at an additional cost, but even that only provides a mid-market level of protection.

Important Antispam Controls Lacking in Microsoft Exchange and Office365

Microsoft Exchange and Office 365 include several mechanisms for detecting spam and malicious messages, but lack the advanced techniques that are now required to block increasingly sophisticated phishing attacks. They are also unable to keep up with volume of new malware variants that are currently being released.

SpamTitan on the other hand uses SURBL filtering, Bayesian analysis, machine learning, heuristics, and malicious URL detection mechanisms to catch more spam and malicious messages. Further, twin anti-virus engines provide superior protection against ransomware and malware in email attachments.

FAQ

Is SpamTitan compatible with all Microsoft Exchange servers?

SpamTitan is compatible with Microsoft Exchange 2013, 2016, and 2019, and can be configured to work alongside Microsoft Exchange 2010 servers. If you use an Exchange 2013 or 2016 server, you will find articles relevant to each here and here. If you use an Exchange 2019 server, the mailbox server roles were unchanged from Exchange 2016.

What is Greylisting – the first process in the email flow chart?

Greylisting returns emails from all non-whitelisted senders to the senders´ mail servers with a request for the email to be resent. Genuine mail servers automatically return greylisted emails, while those used by spammers usually have the resend facility disabled because of the amount of returned mail. This process therefore mitigates the volume of spam emails from previously unknown sources.

What is the benefit of customizable spam email policies?

The benefit of customizable spam email policies is that system administrators can apply different spam thresholds for different users, teams, and departments. Users with a low threshold (i.e., those in Sales & Marketing) may receive some spam emails, while users with a high threshold (i.e., in Finance) are better protected against sophisticated BEC and phishing emails.

How do “content filtering rules” work?

Content filtering rules work by assigning each inbound email a spam score. System administrators can define how emails with different spam scores are treated; so, those with a high spam score can be deleted, while those with a lower spam score can be quarantined for further investigation, delivered to the recipient´s spam folder, or delivered to the recipient´s inbox with a warning.

How likely is it that an outbound email will be flagged as spam?

It is not very likely that an outbound email will be flagged as spam if users refrain from the terms and phrases commonly used in spam emails. However, outbound scanning reports can alert system administrators to malicious insiders using a corporate email account to send spam emails or to an email account that has been compromised by an external third party to send spam. A compromised email account can be an indicator of other account compromises within the organization.

Is it okay to delete spam if it has been delivered to an inbox without a warning?

It is okay to delete spam if it has been delivered to an inbox without a warning subject to corporate email policies. Some businesses ask to be informed about spam emails that avoid detection (so they can measure the effectiveness of the spam filter or its configuration), while others follow the established best practice of reporting undetected spam emails to the spam filter provider.

How effective is a spam filter for an Exchange server?

The effectiveness of a spam filter for an Exchange server is reliant on how it is configured. If the filtering controls are too aggressive, the spam filter may identify a lot of spam, but also block genuine emails. If filtering controls are too relaxed, more spam will evade detection. It is up to each organization to find the most appropriate settings for the nature of the organization’s activities and the organization’s propensity to risk.

What is the purpose of a white label option?

The purpose of a white label option is so that Managed Service Providers (MSPs) and resellers can market SpamTitan under their own brand. This can be beneficial to MSPs that offer a range of services already under their own branding to avoid confusion among clients about which service is being offered by which vendor.

 

Logos