Ali Raza

Spam emails using executive's name

Hi Expert,

Some of our users are receiving spam emails with the executive's name but coming from gmail.com. I can block the email address on the Cisco ESA, but when new email addresses are created the same issue will happen.

So I need the correct way to block these spam emails.
Wayne Herbert

Subscribe to a good spam engine.  I use OnlyMyEmail, and have recommended it to clients for at least a dozen years.  You won't find anything better at catching spam while producing virtually zero false positives.
 
These kinds of spoofed emails are difficult to catch with most Bayesian filters as just a couple of changes and the spam is right back until blocked again.
Ali Raza

ASKER

We are using IronPort.
IronPort is a rules based system and until the rules get updated the spam gets through.  I'm not familiar enough with Cisco's spam product to comment on how you could update rules... and... seems like it's not catching everything it ought to be catching.
Phishing emails are difficult to block.  They're crafted, not sent out in bulk.

The best ones forge the headers 'From' and 'Reply-To' to bypass SPF filtering and ensure the reply goes to an external mailbox, not one inside your company.

Rules won't work.

This:
  1. user training
  2. SPF strict controls with '-all'
  3. DKIM
  4. tell your inbound SMTP relay to ban anything coming from your own domain.
Spam email going from one executive name to another is quite common.  Where do they get the names (and email addresses) from?  From your company web site, especially if you have executive BIOs posted on the site.  This is common.

I find that it doesn't matter what spam filtering system you use.  They are very selective; it is impossible to block.

In your case SPF & DKIM & Inbound SMTP relay do not help, because the senders are only using the Executive Full Names, they are not forging your company domain name and email addresses.
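The case described in the post above (an executive's full name shown as the sender, with an outside address behind it) can be checked directly on the From header. The following is an added example, not part of the thread and not Cisco ESA configuration; the domain `example.com`, the executive names, and the function names are assumptions made for illustration.

```python
import re
import unicodedata
from email import message_from_string, policy

# Assumptions for this example (not from the thread): domain and names.
INTERNAL_DOMAINS = {"example.com"}
EXECUTIVES = ["Jane Q. Doe", "Rahul Mehta"]

def name_tokens(name):
    """Fold case, width and accents; return the name's tokens (initials dropped)."""
    folded = unicodedata.normalize("NFKD", name).casefold()
    folded = "".join(c for c in folded if not unicodedata.combining(c))
    return frozenset(t for t in re.split(r"[^a-z0-9]+", folded) if len(t) > 1)

EXEC_TOKENS = {name_tokens(n): n for n in EXECUTIVES}

def impersonated_executive(raw_message):
    """Return the executive whose name appears as the From display name on a
    message sent from an external address, else None."""
    # policy.default decodes RFC 2047 encoded-words in the display name.
    msg = message_from_string(raw_message, policy=policy.default)
    for header in msg.get_all("From", []):
        for sender in header.addresses:
            if sender.domain.lower() in INTERNAL_DOMAINS:
                continue  # internal sender; forged internal mail is an SPF/DKIM matter
            shown = name_tokens(sender.display_name)
            for tokens, exec_name in EXEC_TOKENS.items():
                if tokens <= shown:  # every name token present, any order
                    return exec_name
    return None

# Constructed sample messages (headers only), not taken from real mail.
SAMPLES = {
    "reordered": 'From: "Doe, Jane" <jane.doe.ceo@gmail.com>\nSubject: Quick task\n\nhi',
    "encoded": "From: =?utf-8?b?SmFuZSBEb2U=?= <office4412@gmail.com>\nSubject: Urgent\n\nhi",
    "internal": "From: Jane Doe <jane.doe@example.com>\nSubject: Minutes\n\nhi",
    "unrelated": "From: Sam Lee <sam.lee@gmail.com>\nSubject: Hello\n\nhi",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", impersonated_executive(raw))
```

Matching on the name tokens rather than the address is what keeps the check working when the sender registers a new mailbox.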
"I find that it doesn't matter what spam filtering system you use.  They are very selective; it is impossible to block."

I am going to disagree with this comment.  It is true if you are using a Bayesian, rules based system, not true for spam guards that can detect spoofed emails.

Once again, I have used OnlyMyEmail (I am a user for more than a decade - and otherwise not associated with the firm) and I have recommended it to others.  I'd lay a bet that the spam would disappear with a proper spam catcher like OME.
"It is true if you are using a Bayesian, rules based system, not true for spam guards that can detect spoofed emails."

I don't understand this marketing distinction.  The service you are describing is in fact a rules-based system with filters and DNS lookups.

If it's not "rules-based", then how do you explain the secret password system that automatically whitelists any message with the secret passcode in the proper position?  It's a filter.  A rather simple one, since it only works with the keyword in a specific position.  It only parses the first word in the subject line, and nothing else.

They also have MX-based filtering services to handle larger volumes of mail.  While you (anecdotally) may have a pretty good success ratio, I don't see any magic sauce, other than the marketing.
"I don't understand this marketing distinction.  The service you are describing is in fact a rules-based system with filters and DNS lookups."

Sorry you don't see the "magic sauce" and their spam filtering service is by far superior to any of the big names.  It's not anecdotal... check out the link.

http://www.onlymyemail.com/about-us/press-and-media/vb-spam-challenge.html

And it's not only Bayesian rules based, substantially more complex than that.  They tell me they use 30 different filtering layers.
 
In every case that I have moved a client from their well known, existing spam catcher, they have been very happy with the results... for two reasons... no spam and no false positives.

Read the test results.  And, I'd be willing to lay you a bet on the efficacy of OnlyMyEmail against any product you choose.

Cheers.
Again...marketing...not technical information.

Generally, on EE, tech folks like technical answers.  Not magic sauce recommendations.

It's not an insult.  When methods are not disclosed and described in technical terms, this is "magic sauce" sold to a layman.  Like when storage is described as "in the cloud".  Sorry, but I need to know the underpinnings of the magical cloud, and the ingredients in the magic sauce.  Marketing and anecdotal recommendations won't do.
Again, technical answers are only part of it.  People also want recommendations.
 
And I wonder why you think that a spam test is simply marketing.  What do the methods matter when it is the results you are looking for?

I don't care whether you use OME or not.  I don't own stock, I gain nothing from a recommendation.  However, I would be remiss if I did not publish my experience... in multiple companies... anecdotal or not, for those who are seeking advice on spam.

Multiple years of consistent results in spam tests doesn't look "anecdotal" to me, either.

Good luck... I'm outta here.
ASKER CERTIFIED SOLUTION
aleghart