An anti spam gateway filter is software-based virtual appliance that is installed on site, rather than in the cloud. Located behind the firewall, an anti spam gateway filter typically prevents in excess of 99% of spam emails reaching their destinations – enhancing productivity and mitigating threats from phishing, malware and ransomware.
However, it is important to note not all gateway spam filter solutions are equally as effective. Some have mechanisms that prevent most unsolicited bulk emails even reaching the spam gateway – reducing the demand on network resources, and the number of email threats that evade detection. This type of anti spam gateway filter can achieve spam detection rates of 99.97%.
The Key Feature for Maximum Spam Detection
The key feature of a gateway spam filter that helps achieve such a high spam detection rate is “Greylisting”. To understand why Greylisting is so effective, it is important to know that spam filters without this feature identify spam by comparing the IP address of the sending mail server against a RBL blacklist of IP addresses from which spam is known to have originated.
In the Greylisting process, every incoming email is returned to the mail server from which it originated with a request to send it again. Usually the request is fulfilled within minutes, but spammers´ mail servers – being too busy sending new spam emails – ignore the request. In this way, Greylisting prevents most unsolicited bulk emails entering the spam gateway. Greylisting is provided as an optional control. While effective at identifying spam email, it can delay messages by a few minutes. To prevent this, it can be combined with whitelisting for trusted senders to ensure their messages are not delayed. Having greylisting in place for all other emails is highly recommended.
The Secondary Mechanisms within the Spam Gateway
When a mail server responds to the Greylisting request and resends an email, the email then goes through the secondary mechanisms within the spam gateway. These include checking the IP address against an RBL blacklist as above, and assigning a Spam Confidence Score based on the email´s content. The gateway spam filter also looks at Sender Policy Framework and Recipient Verification protocols.
A feature that some anti spam gateway filters lack is SUBRL filtering. This secondary mechanism inspects emails and their attachments for URLs that have been reported previously in unsolicited bulk emails. The purpose of this check is to identify links to websites that have been created with the sole purpose of executing a phishing attack. When any matches are found, the email is quarantined for investigation.
An Anti Spam Gateway Filter Should also Filter Outgoing Mail
In order to maximize network security, an anti spam gateway filter should also filter outgoing mail. The reason for this is to identify spamming from within the business that could be inadvertent (i.e. by a careless employee) or that could indicate a business email account has been compromised by a spammer and is being used to send spam from a trusted source.
Either scenario could damage a business´s “IP reputation” – a factor that, for some anti spam gateway filters, contributes towards the email´s Spam Confidence Score. In extreme cases, unidentified outgoing spam can lead to a business´s IP address being added to a RBL blacklist, which would not only affect its email communications, but also access to its website(s).
Try SpamTitan´s Gateway Spam Filter for Free
SpamTitan´s gateway spam filter includes all the features business´s need to enhance productivity and mitigate threats from phishing, malware and ransomware by preventing 99.97% of spam from reaching employees´ inboxes. However, rather than load our gateway spam filter with complicated controls, SpamTitan has been designed to be user-friendly with low maintenance overheads.
Implementation of our anti spam gateway filter takes just a few minutes, the configuration of the filtering mechanisms is straightforward, and the application of user policies can be achieved quickly via directory synchronization. Management of the gateway spam filter is via a centralized web-based portal, through which administrators can schedule reports and access quarantine logs in real time.
SpamTitan´s gateway spam filter includes all the features mentioned above to deliver a verifiable spam detection rate of 99.97% with 0.03% false positives. Our dual anti virus software has a 100% record of capturing inbound and outbound viruses, and includes advanced features for IP protection control. Furthermore, SpamTitan can help protect ant number of users, or any number of domains, and is universally compatible with every type of operating system.
To find out more about the features of SpamTitan´s gateway spam filter, and to request a free trial to evaluate SpamTitan in your own environment, do not hesitate to get in touch. Our Sales Technicians will be happy to answer your questions about our anti spam gateway solution and explain more about how the secure email gateway will work in your specific circumstances. There is never a bad time to reduce spam and your exposure to email-borne threats, so contact us today.
Is whitelisting the same as having an approved senders list?
In the context of an anti-spam gateway, whitelisting is exactly the same as having an approved senders list – however we recommended this feature is not used to feely. If the email account of a contact on the approved senders list is compromised by hackers or phishers, emails from that account would not be filtered and could expose the organization to risk.
How does outbound scanning protect businesses from risk?
Using the example given above of a contact´s email account being compromised, outbound scanning reveals anomalies in email activity that should be investigated by the SOC team. Depending on how the outbound scanner is configured, it can also scan for malware in the content of – or attached to – an outbound email.
How are inbound spam emails treated by the anti-spam gateway?
Inbound emails are allocated a spam confidence score. The higher the score, the more likely the email is to be spam. System administrators can apply specific actions to emails allocated a high spam confidence score, varying from blocking delivery or deleting the email, to quarantining the email or delivering it with a warning that the email is likely to be spam.
Is it possible to treat emails with the same spam confidence score differently?
Spamtitan´s anti-spam gateway enables system administrators to apply block, delete, quarantine, and flag actions by individual user, team, and/or department. This means – for example – that finance teams can be better protected from phishing emails, while potential leads with the same spam confidence score are still delivered to the sales team – albeit with a warning.
How much does SpamTitan´s Gateway Spam Filter cost after the free trial?
Our Gateway Spam Filter is priced according to how many inboxes your organization wants to protect, the length of service you are willing to commit to and your chosen payment option. You can use our cost calculator to work out how much that will be; or, if your preferred option is not covered by the cost calculator, contact us for a quote.