Anti Spam / email cyber security
Call us today and stop the spam! (813) 409-5566
Wikipedia defines spam as "the use of electronic messaging systems to send unsolicited bulk messages, especially advertising, indiscriminately". This definition reflects the experience of most people who have been bothered by spam. Unfortunately, technical application of the definition is difficult:
- How does an anti spam system know that an email is unsolicited, and that the recipient has not in fact given permission for it to be sent?
- Unsolicited does not necessarily mean unwanted – it is quite possible for an unsolicited email to be welcome, e.g. an enquiry from a new customer.
- What exactly is "advertising"? Because of this, it is unsurprising that different people have different opinions as to whether a particular email is legitimate or spam. In fact, it is not uncommon for one person to class a message as spam on one occasion and as a legitimate email on another. So how can an anti spam system deliver the required result with a high degree of reliability?
How is spam detected?
Due to the difficulty of technically implementing the correct definition of spam, many anti spam filter manufacturers use another definition, the "mass mail criterion". According to this, an email is classed as spam if it is sent to a large number of different addressees within a short space of time, possibly also by various senders. Unfortunately, this also includes certain types of legitimate email such as newsletters. On the other hand, individual or low volume emails with clearly abusive content are not detected via the mass mail criterion.
In light of the different definitions of spam, details of detection rates and false classification rates are difficult to compare. At most, they can be accurately predicted on an individual basis, i.e. for each individual user. For this reason, every user must ultimately decide for themselves which emails they want to receive and which they do not, and transmit this information to the spam filter.
As spam is constantly changing, ongoing filter updates are also very important
The anti spam filter must then reproduce this decision in the best possible way. However, a spam filter must also produce good results for the user even in its basic configuration, otherwise the effort required to 'train' the filter would be shifted to individual users, which defeats the point of an automatic system.
; the best anti spam filter is useless if it is supplied with outdated information.
Spam often comes in waves. These spam waves typically last between a few minutes and a couple of hours. An anti spam filter that updates after the wave has finished would have no effect, and a large volume of unwanted emails would pass through and reach users' inboxes.
A fast and tiered response is therefore important
in the event of a spam wave. First, automatic anti spam measures take effect, and then in a second step, new rules that are specially designed for the new type of spam are created and activated. As spam messages also change constantly during a wave, often this process must be repeated multiple times in the course of a wave.
The majority of spam emails are very clearly identifiable as spam, but there is a grey area where it is not easy for an anti spam program to determine whether the recipient would want to receive an email or not.
This grey area covers many newsletters, for instance. Newsletters sent by email are legitimate provided that legal requirements are met. In these cases, it cannot be assumed that the emails are unsolicited. The same is true for initial contact by email; although in such cases the email received is unsolicited, it cannot automatically be assumed that it is undesirable.
eMailPlus defines "infomail"
as emails that users do not consider undesirable but which disrupt the day-to-day workflow and distract from more important emails. Separate infomail handling is therefore a useful and cost saving feature of the eMailPlus spam filter.
eMailPlus spam filter features
eMailPlus uses the principle of the public cloud
to protect its customers' systems and networks against attacks from the Internet. To do this, eMailPlus systems are set up outside the customer's internal network, like the outworks of a fortress. eMailPlus forms the gateway for conveying emails from the Internet into the customer's internal network. This offers significant benefits:
eMailPlus solutions offer full multi-client capability
- Extremely redundant and distributed overall system layout, making it more powerful and more resilient against attacks than individual installations
- Defense against attacks, malware, etc. outside the customer's infrastructure, reducing strain and threats to the infrastructure
- Simplification of protection systems at the perimeter of the customer's network, making them more resilient and cost effective, and significantly reducing the administrative load
- 24/7 system monitoring by security experts, ensuring security even outside the working hours of the customer's own IT staff
, and have tiered user permissions. Data is stored hierarchically, ensuring that users are only able to access the relevant hierarchy level at all times. eMailPlus systems are run from several distributed and secure data centers.
Incoming email traffic protection
Mail traffic rerouting
eMailPlus systems are set up as a firewall between the Internet and the customer's IT infrastructure. For
incoming email traffic, it is therefore important to ensure that emails sent to the customer from the Internet are routed via eMailPlus systems and not directly to the customer's infrastructure.
On the Internet, the mail exchanger record (MX record) in the domain name service (DNS) specifies which
email server is responsible for receiving a domain's emails. To reroute the incoming email traffic, the MX record for the customer's domain is changed so that it points to the eMailPlus mail gateway.
Emails to this domain are then automatically transmitted
without further intervention from the sender's mail server to the eMailPlus infrastructure, where they are checked and forwarded to the customer's email server.