Email filtering is still an important cyber security defence

The trouble with perception is, that if you don’t see something happening, you’re less likely to believe it exists. This happens a lot with spam and phishing.

We asked some office workers we are acquainted with about how they view spam and how much spam they get at work.

Their answers were much the same. Spam is a low risk because it doesn’t really happen much anymore.

Nothing could be further than the truth, but demonstrates the power of perception.

Spam statistics for 2021/22

Let’s provide a few statistics to show you what we mean.

  • 94% of malware is delivered via email.
  • 47.3% of all emails in 2020 were spam.
  • Gmail protection service blocks over 100 million phishing emails daily.
  • Russia is the largest source of spam sending 23.5% of all spam.
  • 100 spam gangs generate up to 80% of all Internet spam.


Just because staff don’t see much spam anymore, doesn’t mean it doesn’t happen. Certainly not if Gmail alone stops 100 million of just one type of spam a day!

The power of email filtering

In one way, staff perception of spam is reassuring. It means their employers were using effective email filtering.

Unfortunately, it isn’t the same for everyone.

Email filtering is software designed to inspect all incoming email and assess whether it’s legitimate or spam.

The software usually resides on your email server but can also be a separate appliance or form part of a firewall or other defensive solution.

All email that comes through will be inspected and checked.

The filter will check the sending email and IP addresses for its reputation and to see if it appears on any spam databases.

For example, Russian IP addresses are heavily scrutinised and checked because they send the most spam.

A filter will also check for certain phrases known to be included within common spam emails.

The email filter will also periodically refresh its database of spam email addresses and spam phrases and ‘tells’ to ensure it provides the latest protection.

As you’ll probably know, email filters aren’t perfect. They may miss spam email and they may inadvertently block legitimate email, but they help protect you from phishing, malware and other threats.

Training and awareness can go a long way but barrier security is also essential!

Email filtering methods

We touched briefly on email filtering methods earlier, but let’s cover them in a little more detail.

There are several email filtering techniques.

They include:

Reputation – Checking the sender based on spam reputation databases. Reputation Block Lists (RBLs) contain millions of email addresses, IP addresses and domains known to send spam.

Safelisting – A list of safe senders maintained both centrally and by the company to allow legitimate email through.

Blocklisting – A list of known unsafe email senders, usually maintained by the organisation alongside the RBL.

Antivirus and malware scanning – A similar arrangement to antivirus for devices with a separate malware scanner.

Content analysis – Complex software analysis that uses common terms found in spam emails and checks email attachments and contents.

Email filtering solutions

Email filtering solutions come in a variety of guises but are mainly hardware appliances, software installations or cloud solutions.

As we’re naturally fans of cloud solutions, we’ll concentrate on those. They are cheaper and much easier for you to manage anyway, so they are the logical choice.

The simplest solution is to use hosted Exchange email. It’s a full email solution based in the cloud using secure cloud networks.

It has end-to-end protection, advanced email filters, antivirus and malware scanning and firewall protection. They run using Barracuda network appliances, a global leader in secure cloud technology.

Hosted Exchange email uses some, or all, of the email filtering methods mentioned above, depending on the specific solution.

We believe this provides the strongest protection against spam, phishing and email-borne malware you can get right now.

If you want your own staff to think spam is no longer a threat because they no longer see it, Cloud Heroes can help!

making better connections

Request a Callback