6 types of anti-spam filters and how they work
Updated at: Oct 01, 2019
The vast majority of internet attacks start with an email. To get an idea of how important it is to talk about email security, Verizon pointed out, in a 2018 report, that nine out of every ten infection attempts using malware on the web happen via email. And what is one of the main tools used by cybercriminals to spread malware and other types of threats? If you thought about spam campaigns, you got it right.
You should be alert and prepared to fight different types of threats. In a company's case, an infection or data breach can cause huge losses. Not to mention that receiving large amounts of junk email ends up directly interfering in the productivity of the team, who waste a lot of time interacting with useless and even dangerous messages.
And how to protect yourself and protect your business? This is where anti-spam filters come in. They make the first line of defense against unwanted emails. There are two main categories of filters: content-based filters and list-based filters.
Anti-spam filter based on content and technical aspects
There is a type of spam filtering technique and analysis that is based on the content and technical aspects of an email. In these cases, artificial intelligence and machine learning work with rules and policies to check emails and then define whether the messages will be labeled as spam or not.
In general, many of these rules and policies have already been configured in an anti-spam software or a Secure Email Gateway (SEG), but it's still possible for tool administrators to determine new rules and policies according to the specific interests and needs of the business.
This type of anti-spam filter is one of the simplest and most used. It scans the message content for specific terms to identify spam. For example, you add the word "sex" and all emails that contain the term "sex" will be blocked. One thing to be careful when using a word-based filter is to choose the terms well. If you add the term "promotion" it will probably block both legitimate messages and spam, creating a high rate of false positives.
Using algorithms and other features allows heuristic filters to identify spam based on scoring. In this type of analysis, certain words and technical aspects of a message earn points. If the email reaches a pre-established score as spam, the message is blocked and directed to the quarantine.
The Bayesian filter is a type of heuristic analysis that aims to learn from the user what is and what isn't spam. We're talking here about machine learning and advanced algorithms for email security. Over time, the Bayesian filter became one of the most effective anti-spam tools because artificial intelligence itself can distinguish the profile of an unwanted or dangerous message based on the "training" it received from the user.
Anti-spam filter based on lists
As the name implies, list-based filters basically work with blacklists and whitelists, allowing or not the delivery of emails sent from a specific sender.
Blacklists are one of the most popular types of anti-spam filtering. In this case, lists of IPs and email addresses are used to block messages from specific senders. In other words, when an email is sent to the company, the filter checks if the IP or email address has a good reputation or not.
Whitelists are exactly the opposite of blacklists. Instead of blocking certain IPs and email addresses, the filter deliveries messages from specific senders. I mean, you add addresses to the list and those addresses are identified as trusted.
By definition, we might say that greylists are somewhere in between blacklists and whitelists. When the company receives an email from an unidentified sender, the filter rejects the message temporarily because spammers have the habit of sending their junk email only once.
Filters and your safety
Obviously, anti-spam filters are an important and indispensable security layer these days. But none of them is 100% effective. Effective email protection involves the adoption of different protection mechanisms, such as anti-virus tools, anti-malware tools, and a sandbox solution to identify malicious URLs and attachments, for example. If you are lost, start by looking for a Secure Email Gateway and anti-spam software. That’s a good and smooth start.