Protect your email from spam

[Father]

Unsolicited emails not only cause annoyance and take up space in your email inbox. Spam can cause the entire corporate network to collapse, as well as destroy or leak important organization data. Today we will tell you how to protect your personal and corporate email from spam.

Personal mail and protection from unsolicited mailings​

Spam is messages that arrive without the user's consent or knowledge. They are not always malicious, but they are often unwanted and completely useless for a particular user. We recommend using several proven methods to protect your personal email from spam:

1. Have multiple email addresses. One is for important and necessary things, which should be protected and not highlighted on suspicious sites or in social networks. And the rest to register wherever you want.
2. Using spam filters. Activate filters on the mail server. These tools analyze incoming messages, identify the characteristic signs of spam, and block suspicious emails.
3. Be careful when registering on websites. Limit the provision of personal information and follow the terms of use.
4. Do not post your email address publicly. Avoid publishing your email address on public resources such as websites, social networks, and so on.
5. Using temporary addresses to register on untrusted sites. This will avoid spam on the primary address.

A good way to protect your personal email from spam and other threats is to use secure email providers. For example, Criptext, ProtonMail, Disroot, Tutanota. These providers use open source and end-to-end email encryption. In addition, they also have anti-spam functionality. For example, creating " masks "(temporary addresses) for registering on different sites.

Compliance with these measures significantly reduces the amount of junk mail in your mailbox, ensuring a safer and more efficient use of email.

Protecting your company's corporate email​

Email is a key element of communication between businesses and organizations. Spam can cause mail servers to crash and lose performance. Therefore, email security should be a priority for any organization.

Dmitry Ovchinnikov
Chief Specialist of the Integrated Information Security Systems Department of Gazinformservis

If you have a small organization, the easiest way to protect yourself from spam is to rent an email service. In this case, it becomes the provider's task to protect against unsolicited and malicious mailings. If you have a lot of employees and it is cheaper to run your own email service, then professional solutions for protecting against spam and viruses are the best option.

For reliable protection of corporate e-mail, security personnel first set up filter systems, as well as an email client and server.

Artem Izbayenkov
Director of Cybersecurity at Edge2

To protect email from spam and other threats, the following classes of solutions are usually used::

1. Rule-Based Filtering. Uses predefined rules to identify spam. This may include keywords, phrases, or message characteristics.
2. Filtering based on black lists (Blacklist Filtering). Blocks messages from known spam sources using databases of blocked addresses or domains.
3. Filtering based on whitelists (Whitelist Filterin). Allows only messages from pre-approved senders, which reduces the chance of false positives.

At the client level, you should implement machine learning algorithms that analyze the content of messages, senders, and user behavior to identify potential spam. On the server, it is important to use technologies such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Compliance) to verify the authenticity of senders and prevent address forgery. Also, effective spam filtering is achieved by using lists of blocked IP addresses and updating databases of known spammers.

In addition to filters, it is advisable to use specialized programs to protect your email.:

• email antivirus programs;
• anti-spam systems that block potentially malicious emails and attachments;
• Sandbox solutions;
• cloud-based antispam.

In addition to protecting against spam and phishing, email protection software allows organizations to protect their email accounts from threats and data leaks, as well as increase the speed of receiving emails.

How to evaluate the effectiveness of email protection against spam​

There are different approaches to evaluating email protection from spam. In fact, the effectiveness of protection is the degree of compliance of the result with the goal set.

Dmitry Ovchinnikov
Chief Specialist of the Integrated Information Security Systems Department of Gazinformservis

It is considered that the system works effectively if 95-97% of spam is blocked. And the number of false positives is no more than 0.007%.

For evaluation, you can use systems that simulate a spam attack on your email in real time. Based on the results of how many unsolicited messages are missed and reflected, you can judge the company's email protection.

Kai Mikhailov
Head of Information Security at iTPROTECT

A good way to assess the degree of protection of mail turnover is to use Breach Attack Simulation systems, which send a wide variety of emails containing spam, phishing, and virus attachments to the service email address. The special agent records which samples have passed the protection system and issues recommendations on modifying the SPI settings. In general, the effectiveness is evaluated experimentally. A good result will be the share of spam emails no higher than 1-2% of the total turnover.

Various metrics can be used to evaluate the effectiveness of corporate mail protection. They can be used by security personnel to identify significant anomalies in processes and make informed decisions to correct or improve the situation.

Vladimir Aryshev
STEP LOGIC Integrated Information Security Project Expert

Evaluating the effectiveness of email protection against spam includes analyzing various metrics and parameters that reflect the degree of success in preventing unwanted messages and ensure overall email security:

• Total filtering level-reflects the percentage of successfully filtered spam messages out of the total spam volume. The higher this percentage, the more effective the protection.
• False positive — the number of legitimate messages that are mistakenly classified as spam.
• False negative — the number of spam messages that passed the filters and ended up in the mailbox.
• Successful Delivery Rate — the percentage of emails that were successfully delivered to your inbox instead of spam. This metric reflects how effectively filters decide which emails are considered unwanted.
• User participation — metrics related to active user participation in the fight against spam, such as marking messages as spam or feedback from users about false positives.

Performance evaluation should be carried out regularly and experimentally, in order to ensure optimal protection of mail turnover from unwanted messages and minimize the loss of important emails.

How to minimize the risks of false positives​

When implementing mail server protection against spam, security guards often encounter false positive positives of the system. A perfectly legitimate email is perceived as spam and eventually does not reach the recipient.

Dmitry Ovchinnikov
Chief Specialist of the Integrated Information Security Systems Department of Gazinformservis

You can minimize the number of false positives only if the mail server is configured correctly on the other side. So, if you don't want your emails to be marked as spam, you need to make all the necessary settings on your side. And it is advisable to have an additional communication channel via messenger or phone, so that you can manually add someone else's domain as an exception if emails from it are marked as spam.

To reduce the probability of false positives, you can use the following approach::

1. Use a hard anti-spam filter that gives a lot of false positives, but filters out the most sophisticated spam.
2. Apply a reverse filter to compensate for false positives among already filtered messages.

This approach allows you to get rid of the maximum amount of spam and check filtered emails. You can also use additional compensation measures.

Vladimir Aryshev
STEP LOGIC Integrated Information Security Project Expert

The following actions will help minimize False positive risks::

• Setting the stiffness level. Usually, email clients and servers provide the ability to configure the level of filtering severity. If necessary, users can choose more lenient settings.
• Using whitelists. Users and administrators can create whitelists, including senders and domains that regularly send legitimate messages. This will help the system avoid false positives when analyzing these addresses.
• Periodic audit. A regular audit of the spam filtering system will be useful for analyzing false positives and taking measures to increase accuracy.

It is important to remember that ensuring effective protection against spam requires constant monitoring and adaptation of system settings to changing conditions.

Resume​

The fight between anti-spam forces and spammers has been going on for years, and the victory of one or the other side is not expected in the near future. Therefore, employees of information security companies should not relax.

Protecting your email from spam is an important task for ensuring information security and maintaining order in your email inbox. For personal mail, we recommend using multiple addresses, spam filters, being careful when registering on sites, and avoiding publishing an email address. In the case of corporate mail, in addition to these measures, you should pay attention to configuring and monitoring the security system, as well as using specialized tools and methods for evaluating the effectiveness of anti-spam filters. Keep in mind that for a fully secure email, a comprehensive approach and a variety of security tools are important.