How an Anti-Spam Server Differs from a Mail Server

The distinction between an anti-spam server and a mail server can be difficult to explain. Traditionally, an anti-spam server has been regarded as a mail server with email filtering software acting as a gateway between the mail server and the firewall. More recently, an anti-spam server can also be cloud-based, with the email filtering software connecting to the mail server via the MX record.

Some definitions of the term anti-spam server simply relate to the way in which the filtering process is conducted at server-level, rather than at each individual device (“client”) connected to the network. Server-level filtering is much less labor-intensive than client-level filtering, and it gives administrators clearer oversight of network activity. In this respect, an anti-spam server is a far more effective security solution for protecting networks against phishing, malware and ransomware.

Don’t All Mail Servers Have Email Filtering Software?

Most mail servers already have some form of email filtering software; or at least provide tools with which administrators can set rules about how incoming email should be managed. Some of these tools are very good, and can learn to identify emails with a high probability of spam content (Bayesian Analysis), or move emails to a spam folder based on users´ previous actions (Adaptive Junk Filtering).

However, due to the evolving sophistication of spam email – and the fact that filtering mechanisms capable of learning new tricks do so retrospectively – many “default” filtering mechanisms would not be regarded as an effective anti spam server because they are not very good at detecting spam email. For example, in a recent test conducted by independent testing service AV Comparatives, the Outlook default filtering mechanism detected just 89.87% of spam email.

Percentages Matter With Email Filtering Software

Due to the risk of malware and ransomware being deployed by spam email, most businesses choose to implement third-party email filtering software in order to support the email detecting capabilities of the default filtering mechanisms and change their mail server into an anti spam server. Third party email filtering software can also be good, bad or indifferent when it comes to detecting spam emails.

In a test similar to that which identified Outlook´s low spam detection rate, researchers sent 127,800 spam emails through a number of different spam filters within a week. The researchers found the average spam detection rate between the top ten performing spam filters was 96.86% – meaning that, on average, more than 4,000 spam emails avoided detection.

It is not unusual for a large organization to be sent 127,800 spam emails within a week. In 2015, the Radicati Group estimated the average office-based employee was receiving 12 spam emails a day; so, at a rate of 60 spam emails a week and an average spam detection rate of 96.86%, a business would only need to have sixty-seven office-based employees in order to have 127,800 spam emails sent to it each week. ({127,800 * (1 – 0.9686)} / 67).

Regardless of which “Top 10 Cybersecurity Threats” article you read, email is the number 1 threat vector for businesses. Most malware attacks and approximately 90% of ransomware attacks start at email level, which is also where most phishing attacks originate (the majority of the remainder being delivered via social media). Furthermore, cybercriminals are becoming more sophisticated in the techniques they use to avoid detection and fool users into opening their emails.

 

Threats from Phishing, Malware and Ransomware

Read over 200+ Independent Reviews on Capterra

2020 was a successful year for cybercriminals in the business of ransomware. Tactics were adjusted to fit the climate of home working and utilize the proliferation of stolen data and credentials. Businesses across all sectors should expect ransomware attacks to continue if cybercriminals get their payday. RaaS only exacerbates the issue by making the tools behind the crime easy to use.

One thing is certain, cybercriminals will adapt their tactics and processes to fit the environment. The ransomware of old, which relied on encrypting data to extort a ransom, is now using expanded techniques including data exfiltration and the threat of exposure of stolen data. For the cybercriminal, ransomware is the gift that keeps on giving.

Organizations too must adapt to counterbalance these cyber-threats, no matter what form they take. Ransomware must be stopped before the point of entry and not left to be dealt with after an attack has taken hold. The use of social engineering to manipulate users, along with stolen data and credentials to propagate attacks, and adaptive tools that evade detection, makes ransomware a formidable security threat. ‘Nipping ransomware in the bud’ is a strategic move by an organization to contain this threat. Endpoint protection is clearly not enough. The use of a smart monitoring system designed for complex threats like ransomware can detect threats in real-time before they become an infection. Unlike traditional endpoint anti-malware, smart monitoring platforms perform real-time updates and protect against active and emerging phishing URLs and threats. Cybercriminals are masters of invention and have many tricks up their sleeve, however, businesses can fight back, but to do so, they must take real-time action.

One of the most popular techniques currently being employed is “spoofing”. Email spoofing is when a cybercriminal constructs an email to look as if it originates from a trusted source (a bank, a solicitor or event the business itself). If the spoofed email is sent from a not yet identified source of spam and is returned after greylisting (see below), it could avoid detection by “standard” email filtering software.

The best defense against spoofing is a trio of front line mechanisms – HELO tests, DKIM tests and DMARC tests – which validate the sender of the email against a Sender Policy Framework. This process can eliminate all spoofing emails except those that originate from a compromised account within the business itself and counter the increasing sophistication of spam emails to prevent users falling for phishing emails.

Spam Emails Cost Money by Reducing Productivity

In addition to the threats from phishing, malware and ransomware, spam emails cost businesses money by reducing productivity. Experts have estimated it takes a security-conscious employee an average of four seconds to identify and delete a spam email. Therefore, an employee receiving 12 spam emails per day would spend four minutes a week deleting spam emails – or 192 minutes per year based on a 48-week cycle.

Multiple 192 minutes by sixty-seven employees, and we are looking at 214.4 hours a year; or – at an average office worker´s hourly rate of $12.50 per hour – $2,680. The cost may not seem a lot unless you pay your office workers a lot more than $12.50 per hour or employ more than sixty-seven employees that have access to email – and provided they are all security-conscious.

Should one malware-laden email be opened in error, the cost can be far greater. A 2015 study by the Ponemon Institute (“The Cost of Phishing and Value of Employee Training”) found the average cost of recovering from a successful phishing attack was $338,098. The cost of an uncontained malware attack or credential compromise incident was much higher.

Reduce Exposure to Spam with a SpamTitan Email Filter

The best way in which businesses can reduce their exposure to spam, increase employee productivity and minimize the threats from phishing, malware and ransomware is with an email filter from SpamTitan. SpamTitan filters have advanced filtering mechanisms, which – subject to the acceptable spam thresholds applied by system administrators – detect 99.97% of spam emails.

One of the reasons why SpamTitan´s email filters achieve a much high spam detection rate than the top ten tested spam filters is a process known as greylisting (you can read more about greylisting in our technical support article). Administrators also have the choice of enabling Sender Policy Frameworks, HELO/DKIM/DMARC tests and recipient verification protocols in order to minimize the business´s exposure to spam.

Compared with the average spam detection rate of the top ten tested spam filters, an employee previously receiving twelve spam emails a day would only receive four spam emails a day. The cost per year of lost productivity for a business employing sixty-seven office-based workers would fall from $2,680 to $894, and the business would be 66% less likely to be the victim of a successful phishing attack, uncontained malware attack or credential compromise.

Read over 200+ Independent Reviews on Capterra

Is SpamTitan a Gateway or Cloud-Based Anti Spam Server?

We offer our anti spam server with a choice of deployment options. SpamTitan is available as a Gateway anti spam server (with the additional option of clustering) or as a cloud-based anti spam server that can be hosted in our cloud or in a private cloud if required. Both solutions are easy to manage via a centralized administration portal, through which administrators can apply and adjust acceptable spam thresholds by user, user-group or business-wide with the click of a mouse.

Both solutions are compatible with all operating systems and networks, have fully automated updating, and are scalable to an unlimited number of mailboxes. SpamTitan also supports multiple domains – making it an ideal anti spam server for Managed Service Providers looking for a multi-tenanted solution to resell to clients. We can provide SpamTitan as a white label product if required.

If you would like to know more about how a spam email filter from SpamTitan turns your mail server into an anti spam server, do not hesitate to contact us. Our team of experienced Sales Technicians will be happy to answer any questions you have and will offer you a free trial of the SpamTitan solution most suitable for your requirements. It takes less than twenty minutes to turn your mail server into an anti spam server with SpamTitan, so contact us today, and start reducing your business´s exposure to spam, increase employee productivity and minimize the threats from phishing, malware and ransomware.

  • Quick deployment.
  • Easy synchronization with Active Directory and LDAP.
  • Administered via a web-based portal. No agents required.
  • Spam Confidence Levels can be applied by user, user-group and domain.
  • Greylist, whitelist or blacklist senders/IP addresses.
  • Sandboxing
  • Infinitely scalable and universally compatible.
  • Available in white label format for MSPs.

 

Better Anti-Spam Server FAQs

How does the greylisting process work?

Greylisting is a front-line defense in which every inbound email originating from external sources is initially rejected and returned to the source server with a request to send the email again. Spam servers tend not to be SMTP-compliant and it is unlikely the email will be returned. In the event a spam email is returned, it is highly likely to be identified and blocked by a second-line test.

Is it possible to bypass the greylisting process?

The option exists to whitelist trusted senders in order to bypass the greylisting process, but it is recommended this option is used with care. While whitelisting a trusted sender will accelerate the delivery of their emails, the risk exists that a trusted sender´s email account could be compromised at a later date and be used to send spam, malware, or phishing emails.

With high spam detection rates, what are the chances of blocking genuine emails in error?

With high spam detection rates, genuine emails can occasionally be blocked if (for example) they have typically spammy subject titles (i.e. “Hello”). However, in the latest testing of SpamTitan Gateway and SpamTitan Cloud, the “false positive” rate was recorded at just 0.003%. This means only 1-in-33,333 genuine emails was mistakenly categorized as spam on optimal settings.

Most spam mail is harmless, so why implement an anti-spam server?

While some sources claim malicious emails only account for 2.5% of all spam emails, there are more than 15 billion spam emails sent each day. If the claim is correct, that is more than one malicious email for each man, woman, and child in the USA per day. If only one of those malicious emails avoids detection, it can compromise the security of an organization´s entire network.

How much does a better anti-spam server cost?

Our anti-spam servers are subscription-based services and priced according to the number of email inboxes you wish to protect and the length of time you wish to subscribe to our service. To help businesses better understand the cost of an anti-spam server, we provide an anti-spam cost calculator, or you are invited to contact us and request a quote.