Email Filtering

Email Filter Definition

Email filtering is the process of filtering an organisation's inbound and outbound email traffic. Inbound email filtering scans messages addressed to users and classifies messages into different categories. These include, but are not limited to: spam, adult, bulk, virus, impostor, and others. Outbound email filtering uses the same process of scanning messages from users before delivering any potentially harmful messages to other organisations. Organisations can deploy this functionality as a cloud service or as an on-premises appliance, depending on their requirements.

Email Filtering Appliances Explained

For some industries, an on-premises email filtering deployment is required for compliance with certain regulations. Others might prefer an on-premises deployment to keep all their data internal. This means that a physical appliance needs to be provisioned on-premises with software installed to execute email filtering. Appliance-based email filtering allows organisations to keep all of their data internal and managed by their own IT staff. Appliances need to be maintained, managed and updated by the internal IT staff. This is often a manual process and can be time-consuming. Additional equipment will be necessary as the company grows.

Another option for email filtering is cloud deployment. This enables access to the email filtering software for all IT staff members at an organisation. As organisations move more services and applications to the cloud, it makes sense to also move email filtering to the cloud. This allows them to scale faster than appliance-based infrastructures and with less management effort. Deploying email filtering in the cloud allows for automatic and real-time updates. This gives organisations the latest technology for email spam protection and defenced against other attacks.

Hybrid, Cloud, and On-Premise Email Filtering Options

Email Filtering Techniques

The techniques used in email filtering will determine how effectively mail is routed. An organisation should consider what they want in an email filtering solution. A combination of the following techniques can help organisations achieve maximum effectiveness:

  • Reputation-Based Email Filters—Attempts to stop spam or allow legitimate email by filtering out known spammers or approving trusted senders based on reputation databases. Reputation Block Lists (RBLs) are lists of domains, URLs, and IP addresses that have been analysed and deemed as possible security threats. RBLs are one of the main ways organisations can protect against spam.
  • Whitelisting—Provides organisations the ability to determine which senders they accept email from by adding them to a list.
  • Blacklisting—Provides organisations the ability to determine which senders they want to block email from by adding them to a list.
  • Greylisting—Allows an organisation to defend against spam by temporarily rejecting any email from a sender that it does not recognise. If the mail is legitimate, the sending server will try again after a delay, and the email will be accepted.
  • Anti-virus—Protects against new and existing viruses and other forms of malicious code using signature-based and non-signature-based technology.
  • Content Analysis—Offers the ability to block an email based on the content of the message. For example, if a message contains certain words, the content filter can determine that it is a spam message. Another example is if the message contained an attachment and the organisation doesn’t want to let it through. Another form of content filtering is Bayesian analysis. Bayesian analysis filters spam by learning from each message it scans. The more messages are scanned, the greater the effectiveness of the analysis.

Organisations will have better protection from spam and other unwanted mail by having the above techniques included in an email filtering service.

Free Email Filter vs. Other Software Solutions

Organisations deciding what they need from an email filtering service need to understand what techniques are offered. Not all email filtering services are created the same. Organisations have the option to go with either a free email filter or paid enterprise email filtering solutions. Email filters that can be used for free are typically cloud-based set-it-and-forget-it, with low overall management and time commitment. However, they may not provide all of the aforementioned techniques to provide the most effective email filtering. You need to understand exactly what is offered when deciding whether or not to go with a free email filter or an enterprise solution.

With an enterprise email filtering solution, you have the option to choose either an appliance-based or cloud-based solution. And you will typically find the vast majority of email security and protection techniques are included to protect your organisation against spam and other unwanted emails. Another advantage that you get with an enterprise solution is the ability to create your own custom policies and rules specific to your organisation. This gives you power over how your email is filtered.