It is very unlikely that you would invest in email software that did not come with some sort of spam detection facility.
Due to this a loss of businesses believe that they are completely secure from the threat of spam attacks and cybercriminals. However, this is not the case. Hackers have refined their methods to the extent that these free features with email services are unable to react to new threats in real time. Even if they boast high detection rates there will always be a considerable amount of emails that slip through the filter.
A simple calculation reveals that a free business spam filter, that comes with an email service, which has a 97% detection rate still leaves your network quite vulnerable. If every member of staff is receiving 20 spam emails per day then 1 of these will be bypassing the filtering and making it to an inbox where it is likely to do some damage. In addition to the information that is stolen the time and money spent addressing the attack and vulnerability is also going to be a durian on your business.
Additionally, even the best trained member of staff can be fooled by a well-crafted spam email. While ongoing training and education regarding cybersecurity is vital for your staff it will not make your staff bullet proof. If cybercriminals come up with an ever more realistic ploy or scam then there is an excellent chance that even the most tech savvy of employees could be fooled by it.
This scam typically included phish lures, malware or ransomware. Once it is clicked on by staff members then it may be too late. Once the spam is deployed on your network it will spread like wildfire. This is why you need to consider boosting your security measures to the point where you can achieve as close to a 100% detection rate as possible.
There are a number of spam detection providers that claim that they can provide you with this. Due to this you should be extremely careful with your research and make sure that you choose a solution that is reliable, easy to manage and will cause you the least amount o hassle.
Finding a business spam filter that comes with a combination of Real Time Blacklists and SURBL filters configured to spot spam mails from renowned spam originators is a good start. Better again if it includes recipient verification to block emails that are being shared to email accounts that are no longer in use and give network managers the power to configure Sender Policy Frameworks in order to spot spoofed emails.
The best tactic or feature to deploy as you try and achieve complete protection is greylisting. This is a system whereby all inbound email are stopped and sent back to the mail server it came from with a request for it to be sent again. The reason for this is that, in practically all instances recorded, genuines emails are sent again within a few seconds while spam emails are not resent as the spam email servers are too busy for the request to be spotted.
This results in unknown sources of spam being identified and added to your filters as well as to the global blacklists. It does not involve much management other than to whitelist certain business critical domains and IP addresses that you would prefer were never blocked.
Finally outbound scanning is a most important feature as it will check to see if anyone is attempting to use an email account on your network from sending spam messages. This can happen if a cybercriminal manages to take management of an inactive or active email account or even if a member of staff unwittingly forwards an email that they thought was genuine. If these are not spotted then it could result in your company domain landing on a spam blacklist and, sadly, customers and potential customers may not receive emails from you.