Is it unsafe for SMBs to forward emails to corresponding Gmail accounts to take advantage of the spam filters if gateway-based spam filtering isn’t an option for budget reasons? What are some dangers or risks they could face by doing so?
Spam can have a negative effect on productivity and is a prime attack vector for phishing. Although most ISPs apply some form of antispam measures to incoming email traffic, they are generally passive, such as rejecting mail that’s sent directly to a secondary MX record rather than to a primary one, a common spammer tactic. Microsoft Exchange also comes with a number of out-of-the-box antispam features. Such measures prevent some spam from reaching your inbox, but more proactive gateway-based filtering products aren't cheap for budget-restricted organizations.
One way of benefiting from one of the best spam and malware filters, Gmail's Postini spam-filtering technology, is to forward users' emails to corresponding Gmail accounts, which would be set up and monitored by the organization. The enterprise version of Postini acts as an SMTP relay for an organization's existing mail services, so you are almost recreating the Postini filtering service, but for free. Also, as Gmail keeps a copy of all the mail it’s forwarding, you have an automatic online backup of all your mail.
This procedure means you have to manage and sync double the number of email addresses, which can generate quite a bit of extra work if you have a regular turnover of staff. A well-documented termination procedure would be necessary to ensure email accounts of departing employees are terminated or redirected to an alternative address, the latter requiring a password change of any Web-accessible accounts.
Depending on how your email is handled, there may be other alternative services you can consider. A free spam-filtering service that works in a similar fashion to the Gmail option, in that you need two email addresses per employee, is Spamfence. Mail is delivered to the first address, passed on to Spamfence for spam and virus checks, and the cleaned email is then delivered to the second address. SpamAssassin, a spam filter based on content-matching rules, can be used on servers running Linux, Mac, Unix or Windows and works with a number of email setups, including Gmail. It is distributed free under the same terms and conditions as the Apache Web server and is easy to configure and add new policy rules.
Another popular open source antispam gateway filter is MailScanner, which is based on SpamAssassin, but can incorporate multiple virus scanners in parallel to increase the level of security. It also provides other numerous email protection features, such as file name and file type blocking, and dangerous HTML checks. Blacklist look-ups can be used to reject a large percentage of messages with minimal overhead. It runs on Unix-based systems and is compatible with a wide range of mail systems and most configuration options can be controlled on a per-user, per-domain or per-IP basis. While MailScanner is a more capable tool, SpamAssassin may be better for organizations that may not want or need the extra configuration options.
If your organization is being overloaded with spam, filtering it by using one of the above offerings is certainly an option. The downside of forwarding it onto another mail service is you end up with double the number of email accounts to manage, and for a large organization this is probably going to be too onerous. My preference would be to run your own antispam gateway using an open source tool to keep your costs down.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Michael Cobb
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and... Continue Reading
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
Shellcode is a set of instructions that executes a command in software to take control of or exploit a compromised machine. Read up on the malware ... Continue Reading