An email protection service is an email filtering and virus scanning service that helps protect networks against threats from both outside and inside the network. Typically, an email protection service has a high spam detection rate (above 99.9%), identifies attempts to compromise corporate mail accounts, and prevents emails being sent from corporate mail accounts that could result in the business´s IP address being blacklisted.
An email protection service is also a valuable tool for identifying viruses that may have been inadvertently introduced into a network by an employee. This can happen if, for example, the employee uploads a file from a USB flash drive that has been copied from their malware-infected home computer, or if they connect their malware-infected mobile device to the business´s wireless network. In this respect, outbound email scanning can add an extra layer to a business´s online security strategy.
How an Email Protection Service Achieves a High Spam Detection Rate
An email protection service achieves a high spam detection rate through a process known as greylisting. When enabled, this process returns all inbound emails to the originating mail server with a request for the email to be resent. Usually, the mail server responds to the request and the email is returned within a couple of minutes. Spammers´ mail servers, however, are often too busy sending out spam to respond to the request and fail to resend the spam email.
Once an email has been returned, the email protection service then runs it through a series of mechanisms to ensure as much as possible that the email is legitimate. These include checks against Real-Time Blacklists and SURBL databases to find matches with IP addresses from known spammers, recipient verification checks to ensure each email is addressed to an existent account, and HELO tests to prevent spoofed emails avoiding detection.
By initially rejecting inbound emails and then checking those that are returned, an email protection service prevents emails from known and unknown sources of spam mail avoiding detection. Subject to how it is configured and the acceptable spam thresholds that are applied, an email protection service can reduce inbound spam email by an average of 67% – a significant reduction in a business´s exposure to phishing, malware and ransomware.
How an Email Protection Service Prevents Account Compromises
One of the advantages of a high spam detection rate is that fewer phishing emails avoid detection. A successful phishing attack can result in an employee revealing the login credentials for their email account and a spammer taking over the account with potentially serious consequences. With control of the email account, a spammer can launch Business Email Compromise (BEC) attacks or use the account to send malware-laden spam email to the business´s contacts from a “trusted account”.
The benefit to the spammer of controlling a trusted account is that many businesses whitelist the senders of business-critical emails to prevent the delivery of their emails being delayed during the whitelisting process. This means that a spammer could distributed malware via email without the threats being detected at the recipient´s end. This is not only bad for the recipient, but also from the business from which the malware has originated in terms of credibility.
A further risk exists if a spam email sent from a corporate email account is detected by the recipient´s email protection service. As well as the email being blocked, the IP address of the corporate account will be added to a global blacklist. This means that not only is the email address flagged up as a source of spam, but also any websites associated with the IP address. The outbound scanning feature of an email protection service prevents this scenario from occurring.
Try SpamTitan´s Email Protection Service for Free
SpamTitan is a versatile email protection service which is both easy to use and achieves award-winning spam detection rates (99.97%). Our service can be deployed via the cloud or via an on-premises solution that takes just minutes to install in physical or virtual infrastructure. Thereafter, domain administrators simply log in to the centralized management portal, enable whichever mechanisms they feel are most appropriate to protect their networks and adjust the default acceptable spam thresholds if desired.
Reports are automatically sent to users when inbound or outbound emails have been quarantined, and real-time and historic text logs are available to administrators with the click of a mouse. Reports can be scheduled to ascertain whether the parameters applied specific individuals, groups or domains need to be adjusted, and all emails can be retrospectively examined in order to assist with risk assessments and to identify sources of internal threats.
Source – Spam Titan