In Cybersecurity
Anti-Spam Settings

There are many ways that a hacker can compromise a computer system. However, the most common way computers are compromised is via email attachments. The best strategy to combat email Spam is with an Anti-Spam email appliance or service.

Anti-Spam is software that once installed on mail servers, blocks spam email based on several criteria. Simply put, this tool monitors your email server to provide email security.

In the current day and age, appliances have become more obsolete as cloud services gain popularity. Regardless of the spam vendor your firm uses, some basic guidelines make sense.

Block vs. Quarantine

The first step is to block the sources and attachments that most commonly cause viruses. Among them are obvious ones:

.BAT

Recommended action: BLOCK (this is a batch file extension, very dangerous and unlikely to be in a legitimate email)

.EXE

Recommended action: BLOCK (this is an executable file extension, very dangerous and unlikely to be in a legitimate email)

.JS

Recommended action: BLOCK (this is a Javascript file extension, very dangerous and unlikely to be in a legitimate email)

.MSI

Recommended action: BLOCK (this is a Microsoft installer file extension, very dangerous and unlikely to be in a legitimate email)

The next set of attachment extensions can cause controversy. Often, there are legitimate uses for these extensions:

.RAR

Recommended action: QUARANTINE (this is a compressed file extension, commonly used for malware payloads)

.RTF

Recommended action: QUARANTINE (this is a deprecated document file extension, commonly used for malware payloads)

.ZIP

Recommended action: QUARANTINE (this is a compressed file extension, commonly used for malware payloads)

These three extensions are all compressed files that can contain dangerous malware. Instead of rejecting the messages with a block, these messages should be quarantined in the spam filter and reviewed by the recipient(s). If the Anti-Spam solution has the feature to notify the recipient about a quarantined message in real-time, this is ideal. If real-time alerts are not an option, possibly configuring multiple “spam digests” throughout the day is another option. Recipients are made aware of quarantined messages this way.

Finally, end users should always train their Anti-Spam solution for their needs. Whitelisting email addresses and domains is essential for training the filter to allow needed messages. But this practice should be used sparingly. Over time, the filter will become more in tune with your inbox’s habits.

Leave a Comment

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.