IT Tech Force Spam filters detect unsolicited, unwanted, and virus-infested email (called spam) and stop it from getting into email inboxes. Internet Service Providers (ISPs) use spam filters to make sure they aren’t distributing spam. Small- to medium- sized businesses (SMBs) also use spam filters to protect their employees and networks.

Spam filters are applied to both inbound email (email entering the network) and outbound email (email leaving the network). ISPs use both methods to protect their customers. SMBs typically focus on inbound filters.

There are many spam filtering solutions available. They can be hosted in the “cloud,” on computer servers, or integrated into email software such as Microsoft Outlook.

How do spam filters work?

Spam filters use “heuristics” methods, which means that each email message is subjected to thousands of predefined rules (algorithms). Each rule assigns a numerical score to the probability of the message being spam, and if the score passes a certain threshold the email is flagged as spam and blocked from going further.

There are different types of spam filters for different criteria:

  • Content filters – parse the content of messages, scanning for words that are commonly used in spam emails.
  • Header filters – examine the email header source to look for suspicious information (such as spammer email addresses).
  • Blacklist filters – stop emails that come from a blacklist of suspicious IP addresses. Some filters go further and check the IP reputation of the IP address.
  • Rules-based filters – apply customized rules designed by the organization to exclude emails from specific senders, or emails containing specific words in their subject line or body.

No single method is a complete solution to the spam problem, and there are always trade-offs (which the heuristics try to weigh) between rejecting legitimate email vs. letting spam slip through