The basics of spam filtering

Unsolicited marketing and scam emails are called spam, and it is a big business with around 45% to 50% of emails sent being spam. Experts estimate that the top 100 cybercrime groups involved in spam are responsible for 80% of the total volume.

Different groups have different motives for sending out such emails. Some groups are trying to sell fake products or drugs; other groups are trying to find targets for larger financial scams or phishing attacks to harvest details for future cybercrime.

There are many different methods to protect yourself from spam, and they can be client side in your email client or server side on your domain’s email server.

Client-side filtering is the most flexible and can be trained based on a user’s requirements. Email clients such as Microsoft Outlook or Mozilla Thunderbird include a spam filter which can send suspected spam to a quarantine folder for inspection. If you know a sender is good, you can whitelist them, or if you don’t want email from someone, you can blacklist them.

Server-side filtering is a bit different as the filters live on the mail server you connect to for email. They are less flexible as you will need to contact your administrator if you want to whitelist or blacklist anyone. Filters on a mail server are often tuned to try, and best fit the needs for an entire domain or organization rather than individual users and as such can filter out the bulk but not the entirety of spam email.

Email services such as Google’s Gmail and Microsoft’s Outlook.com include spam filtering which you can train per an account basis, but the downside is you get a generic email address rather than something like johnsmith@companyname.com which can better stand out to clients.

Email headers are easy to forge as security was not in mind when Email was created back in the 1980s. Since then new extensions to the standards have been created so that spammers can’t send email while pretending to be someone else.  These technologies are called Sender Policy Framework and Domain Keys Identified Mail.

These two additions ensure that only the email servers specified in a Doman’s DNS records can send email from that domain, an imposter pretending to be from that domain will have their messages dropped by the receiving server or automatically flagged as spam depending on how the administrator configured the filters.

If a spam email is sent from a server in Australia or is representing an Australian company, you can report it to the Australian Communications And Media Authority using this web link: https://www.acma.gov.au/theACMA/make-a-spam-enquiry-or-provide-information-to-the-acma

While you may receive only a small number of spam emails per day, experts estimate that email spam costs the global economy over 20 billion dollars per year in lost time and fraud.

A properly configured and trained spam filter may save you five minutes per day but that time adds up over a year especially if you have multiple email addresses or employees.