Spam and false-positive management


What can you do to avoid false positives?

At a time when spam is increasingly flooding our mailboxes and saturating our networks, anti-spam solutions still have to deal with the problem of false positives.

False positives are legitimate e-mails interpreted as spam. These emails can be of vital importance to a company, as they may contain a very valuable message, but unfortunately remain unanswered. The main concern is not necessarily that these e-mails are not received by the recipient. Worse still, the sender is generally never informed that his message has been rejected!

What can be done about false positives?

An obvious solution would simply be to reduce the false positive rate of the solution in place. However, this rate is inversely related to the false-negative rate (spam considered to be legitimate e-mail). This means that the lower the false positive rate, the higher the false negative rate. As a result, we receive more spam. If we were to reason through the absurd, the extreme solution to avoid false positives would be not to filter spam at all! A sensible solution would be an anti-spam system that strikes the right balance between false positives and false negatives, without losing sight of the fact that false positives can be very damaging for the company!

However, there will always be a residue of false positives whatever the solution. As false positives are considered spam by anti-spam systems, they will logically be included in the spam management strategy. It then becomes necessary to deal with another fundamental issue:

How do I deal with spam?

Usually a quarantine system is used to store mail considered spam. But in this case, is it more worthwhile to spend time systematically analyzing the quarantine to check for false positives, rather than manually sorting spam? What are the productivity gains?

However, there is another solution, which consists of filtering the mail directly during the SMTP transaction with the remote server. As the mail is directly refused by the contacted server, the sending server is informed of this processing. It informs the sender that the message has been rejected. This way, your contact knows that you didn’t get their email and can take the necessary action.

Today, this type of solution guarantees effective protection of your system against spam, without risking damage to your business.

By offering a service based both on this analysis technique in the SMTP protocol and on the combination of complementary antispam technologies, Altospam offers its customers an e-mail protection system with optimum filtering quality, thanks in particular to an effective false positive rate of virtually zero.

Test Altospam’s solutions!

Thousands of companies, CTOs, CIOs, CISOs and IT managers already trust us to protect their e-mail against phishing, spear phishing, ransomware, …