Does your anti-spam solution provide you with granular, muti-layer configuration and reports? Have you ever found yourself wishing you were able to set one domains, one departments or one users anti-spam filtering differently than the rest?
Multi-layer per-domain and per-user configuration is the correct prescription.
As discussed in previous articles (see My catch-rate is better than yours, nah, nah!… My spam is different from your spam! … Anti-Spam Performance Awards in the Real World), an organizations spam varies greatly depending on how long its domain and email addresses have been around, where it is hosted, how it does business, the language it speaks and the country its in, to name a few.
Per-Domain Anti-Spam Configuration
As a Service Provider, or as an IT Manager in a larger company, you have several domains (several companies, departments, divisions, brands, etc.), are likely to be in different industries, with various distribution channels. All of these will receive various types and volumes of spam. Should the whitelists and blacklists be the same for everyone? Surely, the owners of the domain bestshoesoftheinternet.com don’t want to receive any Viagra-related emails, but how about that other domain of yours, bigpharmabrand.com? Or how about pressreleaseforfree.com?
You need custom rules for each domain in order to solve the spam problem for everyone. Global configurations will just not cut it.
Per-User Anti-Spam Configuration
Another important factor for anti-spam considerations is the job title or function of the email address owner. An employee in the marketing department will have its email address included in press releases, analysis articles, industry references and tradeshows. He (or she) will receive a lot of spam from lead generation firms (I have a few hundred examples to share), as well as random spam.A CEO will be more prone to Spear Phishing (see The Evolution of Spam …Spear Phishing with unsecured databases…Spear Phishing: Is Your Boss a Whale). The Sales team (and its infamous sales@domain.com email address) will undoubtedly receive massive amounts of spam as well.
Do you really want to configure aggressive anti-spam on all of these email addresses? Most likely not. The sales guys would rather get a little more uncaught spam than deal with POs stuck in the quarantine. The CEO would probably prefer an external parties email being wrongly flagged as spam to an inbox filled with spam and dangerous phishing (the external party would likely call the CEO or send another email if it was really urgent). Every email address, every user has different requirements and characteristics, and thus needs different per-user configuration settings.
Give modusGate Email Security for Exchange (https://www.vircom.com/en/products/modusgate-exchange-anti-spam/) a try. The Free Trial will let you experience the 3 levels of configuration: Sytem-wide (global), Per-domain, and Per-user.
What if the spam is from a trusted source but their third-party email marketing campaign managers are hacked? This happened to me:
http://resource.onlinetech.com/data-breach-results-in-email-marketing-spam/