Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Partnerships Overview
    • Solution Provider Program
    • Technology Alliance Program
    • Distributor Program
SolarWinds MSP
  • Products
    • Monitoring & Management
    • N-central Automate. Tackle complex networks. Get remote monitoring and management built for efficiency and scale.
    • RMM Start fast. Grow at your own pace. Try this powerful but easy remote monitoring and management solution.
    • Backup
    • Backup Get data protection for servers, workstations, applications, documents, and Microsoft 365 from one dashboard.
    • Security
    • EDR Defend against ransomware, zero-day attacks, and evolving threats with endpoint detection and response.
    • Mail Assure Leverage mail protection and archiving to keep your users safe from email threats and downtime.
    • Passportal Adopt and enforce best practices for password and documentation management with ease.
    • Tools & Services
    • MSP Manager Increase helpdesk efficiency with a robust PSA, ticketing, reporting, and billing management solution.
    • Take Control Help support customers and their devices with remote support tools designed to be fast and powerful.
    • View All
  • Solutions

    Solutions

    • Security Protect your customers and expand your business by offering layered security services without the complexity.
    • Monitoring Choose the right remote monitoring and management solution to meet you where you are and grow with you.
    • Operational Efficiency Boost profits by improving efficiency via automation, resources and training, and time-saving products.
    • IT Departments Keep your organization productive by easily managing IT from a single, easy-to-use, web-based dashboard.
    • Remote Monitoring Solutions Comparison Compare SolarWinds RMM and N-central side by side. Sign up to talk to a specialist to find the right fit.
    • View All
  • Resources
    • Download
    • Resource Library
    • Product Information
    • Free Tools
    • Learn
    • MSP Institute Webinar Series
    • Daily Live Demos
    • MSP Advice Project
    • Ask the N-central Experts
    • Upcoming Webcasts
    • Connect
    • Blog
    • Security Resource Center
    • Events
    • RMM Foundations Training
  • About
    • Company
    • About Us
    • Leadership
    • Careers
    • News & Press
    • Awards & Recognition
    • Support & Policies
    • Customer Success
    • Customer Support
    • Legal
    • Security
    • Get in Touch
    • Contact
    • Get a Quote
    • Worldwide Sales & Support
  • IT Departments
  • Contact Sales
    • Contact Sales
    • General Inquiry
    • Get a Quote
    • Worldwide Sales & Support
    • Talk to Specialist
    • Security Solutions
    • Monitoring Solutions
    • Operational Efficiency
  • Try Now
    • Monitoring & Management
    • N-central
    • RMM
    • Backup
    • Security
    • EDR
    • Mail Assure
    • Passportal
    • Tools & Services
    • MSP Manager
    • Take Control
  • Request a Quote
  • Try Now
    • SolarWinds RMM
    • SolarWinds N-central
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Mail Assure
    • SolarWinds Passportal
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Request quote
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • The Head Nerds
    • Tips & Advice
    • Training
Home Blog MSP Business Mail Top Outbound Email Security Best Practices for Your Company
Mail

Top Outbound Email Security Best Practices for Your Company

By SolarWinds MSP
2 September, 2020

No matter what we send in our emails, it’s safe to say no one wants anyone but the intended receiver to see the contents. While email remains the most common form of business communication, it’s also a means by which hackers and other individuals with malicious intent  launch attacks and exploit vulnerabilities. For example, business email compromise (BEC) is a scam that targets businesses via email fraud. Since mid-2016, it’s reported that businesses have lost over $26 billion due to BEC scams. 

Numbers like this suggest keeping your business emails secure should be a priority for all companies, especially MSPs who likely handle sensitive data for multiple customers. If you experience a data breach, this could lead to financial loss, legal liability, and a damaged reputation. This guide will help you best explain the nature of email threats to your customers, and how you can implement top outbound email security best practices to help keep your customers safe.

What is inbound and outbound email?

The definitions for inbound and outbound email are simple. Inbound emails refer to messages received by users from senders outside the set of domains for your organization. Outbound emails are messages sent by users to recipients outside the set of domains for your organization. It’s important your customers understand the difference between inbound and outbound email, because the risks associated with each vary significantly. 

How is outgoing email sent?

A Simple Mail Transfer Protocol (SMTP) server is an application that works to send, receive, and relay outgoing mail between email senders and receivers. This is another key term to make sure your customers are aware of. 

Whenever anyone sends an email, the SMTP server (provided by the mail client you’re using to send your email) processes the email, decides which server the message is getting sent to, and relays your message accordingly. Then, the inbox service provider on the other end downloads the message and puts it in the email recipient’s inbox. 

Risks associated with outbound email

CTA Image

SolarWinds Mail Assure

Advanced Threat Protection for Inbound and Outbound Email.

Try It Free Learn More

The average user sends approximately 40 business emails per day. When you multiply this number across the number of users within an organization, improperly handled outbound emails can become a real risk. Although this list is not exhaustive, it does cover some of the most common risks associated with outbound email your customers should be aware of.

Unauthorized access to your emails and data leakage 

Cybercriminals may attempt to gain access to your SMTP server, which is the channel through which all outbound mail goes. Cybercriminals achieve this by breaking your authentication procedures. Unwanted visitors can then access your emails and use them to exploit your business. For example, they might leak your users’ data or steal sensitive information. 

Spam and phishing

If a cybercriminal manages to successfully access your SMTP server, they will probably use it to send unauthorized messages and spam to your contacts and to external accounts. Because this spam is sent from a legitimate and trusted domain, it’s much more likely to be successful. If someone manages to hack one of your employees’ email accounts and sends out spam or phishing attempts to your MSP contacts, it could be disastrous for your MSP’s reputation. Your server can also be used to request confidential information, like login credentials and credit card numbers. 

Malware

Cybercriminals might also endeavor to use the vulnerabilities of SMTP to spread malicious software to your email recipients or within your own infrastructure. They might spread trojan horses, viruses, and other types of worms capable of gaining access to servers, changing privileges, and obstructing key operations. 

DoS attacks

Cybercriminals can also exploit SMTP servers to perform denial-of-service (DoS) attacks. DoS attacks flood other servers with a huge amount of emails, often causing them to crash. Cybercriminals can also use these attacks to flood inboxes, disguising any warning messages about security breaches. 

Outbound email security best practices 

In order to ensure users within your business and your customers’ organizations are avoiding risks associated with outbound emails, you should take measures to promote both inbound and outbound email security. We suggest starting with some form of each of the following best practices:

1. Establish a robust cybersecurity plan

Although plenty of businesses have a cybersecurity plan in place, many may overlook the need to include email. With a developed and comprehensive plan, your business can prepare itself to overcome the most common and potentially damaging cyberthreats.

Your cybersecurity strategy should include policies, recommendations, guidelines, and requirements regarding the implementation and use of technology—this should include email communications. For example, your MSP might have a clear plan in place for how to react when an outbound spam filter detects infected emails are attempting to travel from within your organization to your contacts. You should review your plan regularly and customize it to suit the specific requirements of your business. 

2. Cyberawareness training

One of the most successful ways of maintaining optimal email security is to regularly update your employees’ cyberawareness training. Users can easily avoid many email-related cyberattacks if they’re able to identify warning signs. A common example of how employee training can help a company avoid cyberattacks is by ensuring employees know how to detect and respond to phishing emails. Instead of engaging with an attachment—enabling their computer or device to become infected with malware—encourage employees to flag suspicious email and perhaps send it to your company’s IT department for closer inspection. 

3. Utilize antivirus software 

The latest antivirus software is sophisticated and recognizes the numerous risks associated with both inbound email and outbound email. An appropriate antivirus tool is likely to include mail filtering and scanning capabilities, helping you identify malware and other threats lurking in your emails. Many antivirus tools can be configured to work with your mail proxy/relayer to scan emails and filter out those that are suspicious, preventing them from reaching your employees’ inboxes. This helps eliminate the risk of an employee making an honest mistake and opening a malicious attachment.

4. Implement robust password policies 

Many cyberattacks can exploit business email by accessing login credentials, which is why it’s important your employees and customers use complex, hard-to-guess passwords. A strong password might be subject to the following policies:

  • It must include a combination of numbers, symbols, and uppercase and lowercase letters
  • It does not include personal information, like names of family members, pet names, or other information that can be found on social media profiles
  • It will not be used across any other accounts

When creating password policies, bear in mind that password-guessing tools can submit hundreds or even thousands of words per minute in brute-force attacks. To help ensure your employees maintain strong passwords, establish an official password policy. 

5. Rely on email security tools that provide outbound spam filtering

While many organizations tend to be more concerned about inbound spam filtering, the risks associated with outbound emails merit the use of outbound spam filtering as well. Outbound spam filtering helps ensure infected emails don’t get sent from within your MSP or your customers’ organizations to correspondents. 

For example, if a hacker gains access to your system, they might go ahead and send infected messages to everyone in your address book to a range of negative effects. Not only could you lose business by compromising client or partner security with spam messages, you also might risk your outbound gateway becoming blacklisted due to a high number of spam emails originating from your IP address. Outbound spam protection helps prevent any of these issues from impacting your business by blocking spam emails on their way out from your SMTP server.

Choosing an email security solution

As this guide has demonstrated, email is a highly convenient form of business communication—but it also presents risks. To minimize these risks, there are tools and best practices you can implement to protect your organization and your customers. SolarWinds® Mail Assure is the ideal email security solution, providing inbound email and outbound email protection, cloud-based email archiving capabilities, Microsoft 365 email protection, and much more. 

Mail Assure is an advanced, user-friendly solution that helps you achieve optimal email security. It uses collective threat intelligence and machine learning to protect email against viruses, malware, social engineering attacks, spam, ransomware, spear phishing, impersonation, business email compromise, spoofing, and a range of other email-borne threats. 

Mail Assure is designed to prevent malicious links from entering or exiting your email inboxes by processing email data from over 23 million mailboxes, helping protect you from emerging threats. This solution has nearly 100% filtering accuracy. Mail Assure also includes real-time pattern threat recognition, which leverages different filtering technologies, and includes impersonation protection and anti-phishing. This is a highly versatile email security solution that offers support for DKIM, DMARC, and SPF, and can seamlessly integrate with Microsoft 365 via an add-in. 

Mail Assure also provides email continuity solutions, so that even if Microsoft 365 has an outage or is down for maintenance, you will still have access to email. The 24/7 email continuity solution is delivered through a web-based console, allowing you to add value for your service. Even if your primary server goes offline, employees will still be able to send, receive, and read email as if nothing happened. To learn more, a 30-day free trial of Mail Assure is available. 

 

Additional reading

Why does a business need a third-party Email Security offering?
7 Things to Look for When Choosing an Email Security Solution
The Email Security Education Series: The Basics
You might also like...
Mail

How to Effectively Use an Email Spam Filter Service

Mail

6 Cybersecurity Tips for Business Email

Mail

What Is DMARC Email Security and How Do You Implement It?

Mail

How to Tell If You Have Efficient Email Threat Protection

Mail

Email Privacy Issues Your Business Might Have in 2020

Mail

4 Email Attachment Threats to Secure Systems From

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts
  • Three things I learned working for an MSP
  • Earning word-of-mouth referrals for your IT business
  • Backup automation part 1: Deploying backup devices
  • Ultimate Guide: MySQL Backup
  • Most common automation requests and how to solve them: Ep 2
Categories:
  • Security (240)
  • Tips & Advice (130)
  • Best Practices (97)
  • Backup & Disaster Recovery (96)
  • Managed Services (89)
  • The Head Nerds (82)
  • Business Growth (79)
  • IT Support (43)
  • Business (41)
  • Automation (40)
  • Operations (38)
  • Cybersecurity (37)
  • Mail (33)
  • Remote Management (30)
  • ITSM (26)
  • Networking (22)
  • Cloud Computing (21)
  • Data (21)
  • Marketing (15)
  • PSA (13)
  • Product (11)
  • Service Desk (6)
  • Services & Support (5)
  • Mobile (4)
  • Risk Intelligence (4)
  • GDPR (3)
  • Internet of Things (3)
  • Customer Service (3)
  • Research & Trends (2)
  • Training (2)
  • Business Risk (1)
  • LOGICcards (1)
  • Cybersecurity Awareness Month (1)
Show moreless
SolarWinds MSP

Products
  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds EDR
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Passportal
  • All Products Use Cases
Solutions
  • Security Solutions
  • Monitoring Solutions
  • Efficiency Solutions
  • Identify which RMM solution is right for me
  • Drive Efficiency with Automation
  • Manage my MSP Business More Efficiently
  • Manage my IT Department More Efficiently
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights
About
  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Subscription Preferences
  • SolarWinds
  • SolarWinds Trust Center
  • COVID-19 Response
Support
  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Service Status

Footer 2

  • Legal Documents
  • Privacy
  • California Privacy Rights
  • Security Information
  • Sitemap

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.