An email spam server is a mail server that uses an email filtering solution to increase the server´s spam detection rate and reduce a business´s exposure to email threats such as phishing, malware, and ransomware. An email spam server can be easily created by installing an email filtering solution as a virtual appliance, or by redirecting the mail server´s MX record to a cloud anti spam service from a SaaS provider.
Once the email spam server has been created, it filters incoming emails at the server level, rather than at the client level. Consequently, an email spam server has a much lower maintenance overhead than a client-based solution, plus it gives network administrators a higher level of governance over email activity and the volume of threats being blocked by the server.
Why Complement a Mail Server with an Email Filtering Solution?
Most email services have some degree of email filtering, but rarely is it sufficient to prevent businesses receiving significant volumes of spam and phishing emails. Typically default anti spam servers block between 95% and 97% of spam – which, in a large business, can mean hundreds of spam emails evade detection every day. Even at the highest levels of spam detection, there would be cause for concern with such a spam email service.
Cybercriminals are conducting increasingly sophisticated campaigns to deliver spam, phishing emails, and malware-laced messages. An advanced server spam solution is the difference between those messages being identified and rejected or quarantined, or being delivered to an end user’s inbox. It only takes one click on a carefully-crafted link in the body of an email or the opening of a malicious attachment for an attack to be successful.
Third-party email filtering solutions have more advanced features and spam detection mechanisms than those provided as default by email providers. A dedicated email spam service will detect more spam email and other threats and will significantly improve your security posture. With an advanced server spam filter or cloud-based filtering service you will be able to minimize the volume of spam emails that arrive in inboxes and block more malicious messages before they cause any harm.
How an Email Spam Server Achieves Higher Detection Rates
Most default email services use Real-time Blackhole lists (RBLs) and SUBRL filters to block spam. These compare the IP addresses of incoming emails against databases listing IP addresses from which spam is known to have originated. The likely reason why a spam email evades detection at this point is because it has originated from a source not previously used for spamming.
An email spam server uses a process known as greylisting to identify spam sent from unknown sources. It does this by returning suspect incoming emails to the mail servers from which they originated, along with a request for the email to be resent. Most mail servers respond within minutes and the emails are returned. Thereafter they undergo a series of secondary tests to determine their authenticity. Greylisting can result in a small delay receiving messages which is why it is an optional control in SpamTitan, although it is highly recommended to enable greylisting. To avoid unnecessary delays, trusted senders can be added to a whitelist to ensure their messages are always delivered without delay.
A cybercriminal’s spam mail server will usually be too busy sending out spam emails to respond to resend requests, so the emails are unlikely to be returned or will be severely delayed. Using this process to prevent spam from previously unknown sources, an email spam server increases the spam detection rate from 99% to close to 100% – substantially reducing the volume of sophisticated and dangerous messages being delivered to employees´ inboxes. SpamTitan has been independently verified as having a block rate of 99.97%.
Email Filtering Solutions from SpamTitan
Email filtering solutions from SpamTitan use further mechanisms to reduce the volume of spam. Once a greylisted email is returned, our email filtering solutions run Sender Policy Framework tests, HELO tests and Reject Unknown Sender Domain tests, and DMARC verification to authenticate incoming emails. However, in order to eliminate the inadvertent blocking of business-critical emails, we also provide the tools for system administrators to apply different acceptable spam thresholds to different users or user-groups.
These tools can be useful if, for example, a business has a sales department that receives sales leads by email from miscellaneous sources. In this scenario, a system administrator could relax the acceptable spam threshold for employees within the sales department while maintaining a high threshold for the rest of the business. It is also possible to apply acceptable use thresholds by domain, if required, and whitelist trusted domains to prevent a delay in the receipt of business-critical emails.
Despite the additional mechanisms and tools, SpamTitan is one of the simplest email filtering solutions to use. Our Gateway (virtual appliance) and cloud-based service are managed via a web-based administration portal with an intuitive interface. System administrators can apply and adjust the filter´s parameters with the click of a mouse from any Internet-connected device. It is also possible to schedule quarantine reports at any time of the night or day.
SpamTitan Offers Defense in Depth Against Malicious Emails
The most effective way of improving email security is through defense in depth. By using layered defenses, organizations can greatly enhance their security posture against rapidly evolving malware variants and sophisticated new phishing tactics.
SpamTitan uses several predictive methods for detecting new threats, such as subjecting each incoming message to a Bayesian analysis. Machine learning and heuristics also help to greatly improve spam detection rates and prevent malicious and unwanted messages from reaching users’ inboxes.
SpamTitan also includes a Bitdefender-powered sandboxing feature to identify malicious code and zero-day malware and ransomware threats. When email attachments pass the checks performed by the dual antivirus engines, yet are suspicious, they are sent to the sandbox for in-depth analysis. The sandbox allows the files to be studies for any malicious actions such as Command and Control (C2) center callbacks. Without this feature, new malware variants would not be detected as malicious and would arrive in inboxes.
Office365 and SpamTitan Features Compared
Email services provide a degree of protection against spam and malicious emails, but many threats slip through the net. Organizations that add an additional layer to their email defenses and adopt a third-party spam filtering solution will achieve far greater spam detection rates.
Office 365 has many built-in security features; however, organizations that have grown accustomed to dedicated security solutions with advanced filtering and advanced reporting capabilities are likely to find that the default security offering of Office 365 falls short of requirements.
SpamTitan’s spam detection rate has been independently verified and shown to block 99.97% of spam emails. This is achieved through the use of advanced spam detection mechanisms such as SURBL filtering, machine learning, Bayesian analysis, and greylisting. SpamTitan also uses a variety of malicious URL detection mechanisms to detect phishing emails and dual anti-virus software engines are used to detect and block malware and ransomware threats. The result is enhanced spam detection and more reliable blocking of spam, phishing emails, zero-day attacks, and new malware and ransomware threats.
Find Out More about Creating an Email Spam Server with SpamTitan
If you would like to reduce the volume of spam evading detection and better protect your network against phishing, malware and ransomware, speak with us about creating an email spam server with SpamTitan protection. Our team of Sales Technicians will be happy to answer any questions you have about maximizing the spam detection rate and the features of SpamTitan that can help enhance network security.
Our team will also invite you to take a free trial of SpamTitan so you can evaluate the merits of an email spam server in your own environment. The trial will give you the opportunity to find the appropriate spam threshold levels for each department in your business so that, should you choose to continue using our service at the end of the trial, no further configuration of the email filtering solution will be necessary. Contact us today to find out more and start your free trial.
- Cybercriminals and spammers are becoming more sophisticated.
- Standard email filters only block spam from previously known sources.
- The SpamTitan email filter can be configured to block spam from new sources.
- Different acceptable spam thresholds can be applied per user or user-group.
- The email spam server can be administered from any Internet-connected device.
- Take advantage of our free trial offer to experience the benefits of SpamTitan today.
Creating an Email Spam Server FAQ
How can I improve the spam filter on Office 365?
The best way to improve the Office 365 spam filter is to add an additional layer of protection on top with a third-party solution such as SpamTitan. A third-party spam filter doesn’t replace the spam and phishing protection provided by Office 365, instead it adds additional detection measures to block more spam, malware, phishing and zero-day attacks.
Why is outbound scanning important if I scan inbound emails?
Email account credentials can be obtained through phishing, brute force tactics, or using stolen credentials. When an email account is compromised it is common for the account to be used for sending phishing emails. Outbound scanning detects malicious emails send from a compromised account. You can also tag data elements to protect against data loss.
How can I stop genuine emails from being blocked?
Most spam filters have low false positive rates and rarely block genuine emails and machine learning mechanisms see the spam filter improve over time. The easiest way to ensure genuine emails are not misclassified is to whitelist trusted senders. Emails from a particular address or domain will then always be delivered.
What are layered phishing defenses?
Layered defenses mean multiple overlapping layers of protection, so if one mechanism fails to detect a malicious message, others are in place to ensure you are protected. An example would be the standard Office 365 spam filter, SpamTitan Cloud layered on top, a web filter, and end-user training to help employees recognize email threats.
Can I apply different spam filtering settings for each department?
Most spam filters allow you to apply spam filtering controls at three levels: Organization-wide, for departments/user groups, and at the individual user level. These controls are easy to apply if a spam filtering solution integrates directory services such as LDAP and AD.