Service to prevent viruses and spam from getting into my end users Inbox

I need a service to monitor incoming emails to prevent viruses and spam from getting to my clients.
Who is Participating?
Lee W, MVPConnect With a Mentor Technology and Business Process AdvisorCommented:
This is spam.  Pure and simple.  Malicious spam, but spam nonetheless.  All of it. Preventing ALL of it is not possible.  The people sending your users this stuff are malicious and smart.  When you find a way to block them, they find a way to get it through.  You can use third party services or install your own spam filter (assuming you run email locally and not through something like office 365).  I run my own spam filter and I have had to tweak the settings over time.  Some you can look at include Untangle (a unified threat management router/firewall - I use the free version, but there's a paid version as well.  There's also Spam Titan, Email Filter Appliance, and many online third parties, some free, most you pay for.

Successful defense against this stuff includes user education and multiple types of protection (for example, a UTM with Antivirus from vendor A and an antivirus from vendor B installed on the computers.  Keep in mind, antivirus seems largely ineffectual these days... Want proof?  Take something from one of these malicious emails and run it through VirusTotal - in my experience, 2-5 of the antivirus products out of 65+ actually detect the danger - that's LESS THAN 10%.  And it's not the same 2-5 with each item.
Todd NelsonConnect With a Mentor Systems EngineerCommented:
I recommend a hosted solution and not an on premises one or appliance.

Barracuda, SonicWALL, Mimecast, Proofpoint, etc.
masnrockConnect With a Mentor Commented:
Of the previous comments, I will say I love the frankness of Lee's response.

Third party email filter will help, but not 100% solve the issue. Antivirus and antimalware software on workstations will provide another layer of protection. UTM that offers AV is a nice to have as well. Will these account for everything? NO.

There is no silver bullet. If someone told you there's one, they're lying (especially a salesperson). Defense is part technical, part human. The human side requires constant education and training (identifying and reporting suspicious emails, and knowing NOT to open strange links and attachments). Additionally, even business practices come into play. An example of this are emails that claim bank account information for a vendor or partner has changed. An ideal practice here is to make sure that partners know that you will only send these types of notifications via registered mail on company letterhead.

I'm sure that there are also messages coming from the mailboxes of some of your partners and vendors once every now and then. So working with them to ensure that they know ASAP when a mailbox has been compromised helps immensely. Even partnering at the IT level to share threat-related intel is an even better way to crack down on things. But it's still not going to be 100 percent effective.
Todd NelsonSystems EngineerCommented:
Question answered. No response from requester.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.