Creating an Email Spam Server

An email spam server is a mail server that uses an email filtering solution to increase the server´s spam detection rate and reduces an organizations exposure to email threats such as phishing, malware, and ransomware. An email spam server can be easily created by installing an email filtering solution as a virtual appliance, or by redirecting the mail server´s MX record to a cloud anti spam service from a SaaS provider.

Once the email spam server has been created, it filters incoming emails at the server level, rather than at the client level. Consequently, an email spam server has a much lower maintenance overhead than a client-based solution, plus it gives network administrators a higher level of governance over email activity and the volume of threats being blocked by the server.

ST Award Winner

Why Complement a Mail Server with an Email Spam Filtering Solution?

Small and medium sized businesses are being targeted by cybercriminals and email is the primary attack vector. An email filtering service  provides protection against these threats and prevents advanced phishing and malware-laced emails from reaching users  inboxes. An advanced server spam solution is the difference between those messages being identified and rejected or quarantined, or being delivered to an end user’s inbox. It only takes one click on a carefully-crafted link in the body of an email or the opening of a malicious attachment for an attack to be successful.

Third-party email filtering solutions have more advanced features and spam detection mechanisms than those provided as default by email providers. A dedicated email spam service will detect more spam email and other threats and will significantly improve your security posture. With an advanced server spam filter or cloud-based filtering service you will be able to minimize the volume of spam emails that arrive in inboxes and block more malicious messages before they cause any harm.

Phishing is the leading cause of data breaches and attacks are increasing. Phishing volume increased by more than 40% in 2018 and by 65% in 2019. 22% of all data breaches in 2020 involved phishing attacks. 85% of organisations have been hit by a phishing attack at least once.  Businesses are responding by training employees how to spot phishing emails, but cyber-criminals have upped their game and phishing attempts are becoming harder to identify.

Email is also the vector most used to deliver malware. The number of phishing emails that contain some form of ransomware rose to 97.25% since 2016. Advanced malware variants are constantly being released and signature-based detection methods struggle to block new malware threats. With phishing and malware threats sneaking past defenses, businesses are now turning to SaaS providers to provide the protection they need.

How an Email Spam Server Achieves Higher Detection Rates

Most default email services use Real-time Blackhole lists (RBLs) and SUBRL filters to block spam. These compare the IP addresses of incoming emails against databases listing IP addresses from which spam is known to have originated. The likely reason why a spam email evades detection at this point is because it has originated from a source not previously used for spamming.

An email spam filtering server uses a process known as greylisting to identify spam sent from unknown sources. It does this by returning suspect incoming emails to the mail servers from which they originated, along with a request for the email to be resent. Most mail servers respond within minutes and the emails are returned. Thereafter they undergo a series of secondary tests to determine their authenticity. Greylisting can result in a small delay receiving messages which is why it is an optional control in SpamTitan, although it is highly recommended to enable greylisting. To avoid unnecessary delays, trusted senders can be added to a whitelist to ensure their messages are always delivered without delay.

“SpamTitan alone has stopped hundreds of thousands of junk and spam emails from eating up employees time trying to sort through them and find actual customer emails. I love this product!”  M&M Golf Cars LLC

What is Greylisting

Greylisting is a process that blocks inbound email and asks for it to be resent. As spammers´ servers are too busy sending out new spam emails, the request to resend is ignored. When the blocked email is not received a second time, the greylisting process marks the original email as spam. In this way ‘new’ spamming sources are identified as well as spam from known sources, and ultimately spam email is eliminated.

A cybercriminal’s spam mail server will usually be too busy sending out spam emails to respond to resend requests, so the emails are unlikely to be returned or will be severely delayed. Using this process to prevent spam from previously unknown sources, an email spam server increases the spam detection rate from 99% to close to 100% – substantially reducing the volume of sophisticated and dangerous messages being delivered to employees´ inboxes. SpamTitan has been independently verified as having a block rate of 99.97%.

Email Filtering Solutions from SpamTitan

Email filtering solutions from SpamTitan use further mechanisms to reduce the volume of spam. Once a greylisted email is returned, our email filtering solutions run Sender Policy Framework tests, HELO tests and Reject Unknown Sender Domain tests, and DMARC verification to authenticate incoming emails. However, in order to eliminate the inadvertent blocking of business-critical emails, we also provide the tools for system administrators to apply different acceptable spam thresholds to different users or user-groups.

Why not sign up for a no obligation free demo today.

These tools can be useful if, for example, a business has a sales department that receives sales leads by email from miscellaneous sources. In this scenario, a system administrator could relax the acceptable spam threshold for employees within the sales department while maintaining a high threshold for the rest of the business. It is also possible to apply acceptable use thresholds by domain, if required, and whitelist trusted domains to prevent a delay in the receipt of business-critical emails.

Despite the additional mechanisms and tools, SpamTitan is one of the simplest email filtering solutions to set up and use. Our Email Security Gateway (virtual appliance) and cloud-based email filtering service are managed via a web-based administration portal with an intuitive interface. System administrators can apply and adjust the filter´s parameters with the click of a mouse from any Internet-connected device. It is also possible to schedule quarantine reports at any time of the night or day.

SpamTitan Email Spam Server Interface

SpamTitan Offers Defense in Depth Against Malicious Emails

The most effective way of improving email security is through defense in depth. By using layered defenses, organizations can greatly enhance their security posture against rapidly evolving malware variants and sophisticated new phishing tactics. Defense in depth or layered security means implemented overlapping layers that provide the key elements needed to secure assets: prevention, detection, and response.

A layered approach is much more effective than one large security platform, but it must be done correctly.  All security layers must work together not against each other, this can be tricky if you purchase layers from multiple vendors.

When you take a layered approach, you have access to much more data, alerts and monitoring to provide a better view to strengthen your ability to completely secure your network. When one layer fails, the other supports to catch anything suspicious. Multiple layers are critical for a strong defense and quick containment.

Some of the biggest data breaches are the result of failed security. The average ransomware payment was $234k in 2020.  Had the right layers been in place, the users would not have fallen for phishing emails that were then used to download malicious content.Despite the very real and increasing dangers of ransomware, 66 percent of SMBs still assume they are too small to be targeted. For some SMBs, the potential financial liabilities of ransomware are still not enough motivation to build a strong layered security strategy.

Predictive methods for detecting new threats

SpamTitan uses several predictive methods for detecting new threats, such as subjecting each incoming message to a Bayesian analysis. Machine learning and heuristics also help to greatly improve spam detection rates and prevent malicious and unwanted messages from reaching users’ inboxes.

SpamTitan also includes a Bitdefender-powered sandboxing feature to identify malicious code and zero-day malware and ransomware threats. SpamTitan’s sandboxing feature protects against breaches and email attacks by providing a powerful environment to run in-depth, sophisticated analysis of  suspicious programs and files.

When email attachments pass the checks performed by the dual antivirus engines, yet are suspicious, they are sent to the sandbox for in-depth analysis. The sandbox allows the files to be studies for any malicious actions such as Command and Control (C2) center callbacks. Without this feature, new malware variants would not be detected as malicious and would arrive in inboxes.

Email spam server

Office365 and SpamTitan Features Compared

Email services provide a degree of protection against spam and malicious emails, but many threats slip through the net. Organizations that add an additional layer to their email defenses and adopt a third-party spam filtering solution will achieve far greater spam detection rates.

Office 365 has many built-in security features; however, organizations that have grown accustomed to dedicated security solutions with advanced filtering and advanced reporting capabilities are likely to find that the default security offering of Office 365 falls short of requirements.

SpamTitan’s spam detection rate has been independently verified and shown to block 99.97% of spam emails. This is achieved through the use of advanced spam detection mechanisms such as SURBL filtering, machine learning, Bayesian analysis, and greylisting. SpamTitan also uses a variety of malicious URL detection mechanisms to detect phishing emails and dual anti-virus software engines are used to detect and block malware and ransomware threats. The result is enhanced spam detection and more reliable blocking of spam, phishing emails, zero-day attacks, and new malware and ransomware threats.

Comparison of Office365 and SpamTitan

Find Out More about Creating an Email Spam Server with SpamTitan

If you would like to reduce the volume of spam evading detection and better protect your network against phishing, malware and ransomware, speak with us about creating an email spam server with SpamTitan protection. Our team of Sales Technicians will be happy to answer any questions you have about maximizing the spam detection rate and the features of SpamTitan that can help enhance network security.

Our team will also invite you to take a free trial of SpamTitan so you can evaluate the merits of an email spam server in your own environment. The trial will give you the opportunity to find the appropriate spam threshold levels for each department in your business so that, should you choose to continue using our service at the end of the trial, no further configuration of the email filtering solution will be necessary.

  • Cybercriminals and spammers are becoming more sophisticated.
  • Standard email filters only block spam from previously known sources.
  • The SpamTitan email filter can be configured to block spam from new sources.
  • Different acceptable spam thresholds can be applied per user or user-group.
  • The email spam server can be administered from any Internet-connected device.
  • Take advantage of our free trial offer to experience the benefits of SpamTitan today.

SpamTitan is a multi-award-winning email protection, spam filtering, and email filtering solution. Start your free trial for SpamTitan today to discover how you can better protect your network against phishing, malware and ransomware. Start Free Trial

Creating an Email Spam Server FAQ

How can I improve the spam filter on Office 365?

The best way to improve the Office 365 spam filter is to add an additional layer of protection on top with a third-party solution such as SpamTitan. A third-party spam filter doesn’t replace the spam and phishing protection provided by Office 365, instead it adds additional detection measures to block more spam, malware, phishing and zero-day attacks.

Why is outbound scanning important if I scan inbound emails?

Email account credentials can be obtained through phishing, brute force tactics, or using stolen credentials. When an email account is compromised it is common for the account to be used for sending phishing emails. Outbound scanning detects malicious emails send from a compromised account. You can also tag data elements to protect against data loss.

Can I apply different spam filtering settings for each department?

Most spam filters allow you to apply spam filtering controls at three levels: Organization-wide, for departments/user groups, and at the individual user level. These controls are easy to apply if a spam filtering solution integrates directory services such as LDAP and AD.

How can I stop genuine emails from being blocked?

Most spam filters have low false positive rates and rarely block genuine emails and machine learning mechanisms see the spam filter improve over time. The easiest way to ensure genuine emails are not misclassified is to whitelist trusted senders. Emails from a particular address or domain will then always be delivered.

What are layered phishing defenses?

Layered defenses mean multiple overlapping layers of protection, so if one mechanism fails to detect a malicious message, others are in place to ensure you are protected. An example would be the standard Office 365 spam filter, SpamTitan Cloud layered on top, a web filter, and end-user training to help employees recognize email threats.

With the shift to remote workforce we have seen massive demand this year for two products in particular that can be rolled out seamlessly to remote devices and work from home environments. These are SpamTitan cloud-based email security, which protects remote workers from the newest variants of phishing attacks, and our AI-driven DNS security solution, WebTitan. Combined, these create an umbrella layer protecting users data and devices from phishing attempts.

SpamTitan is a multi-award-winning email protection, spam filtering, and email filtering solution. Start your free trial for SpamTitan today to discover how you can better protect your network against phishing, malware and ransomware. Start Free Trial