Abstract

Email spam continues to present a significant threat to corporate communications, constituting nearly half of global email traffic. Beyond being a nuisance that clogs inboxes, spam—especially phishing emails—leads to severe financial losses; for instance, business email compromise scams alone accounted for $2.7 billion in reported losses in 2022. This paper proposes a multi-level spam protection architecture that integrates three complementary approaches: rule-based filtering, blacklist-based filtering, and machine learning (ML) classification. We detail how each layer functions and analyze their strengths and limitations in corporate environments, where high accuracy and minimal false positives are paramount. The proposed architecture combines protocol-level defenses (like DNS-based blacklists), content-based heuristics (rule engines), and ML classifiers (Naïve Bayes, Decision Trees, Logistic Regression) in a layered defense-in-depth model. We provide a comparative evaluation using recent research (2020–2024) to demonstrate that this integrated approach can significantly improve spam detection rates while controlling false positives. Real-world statistics and experimental results from literature are presented, including performance metrics (accuracy, precision, recall, F1-score) and runtime efficiency for each method. The multi-layer system achieves superior performance (often 98–99% detection with low false alarm rates) compared to any single technique alone. This work offers a comprehensive, up-to-date analysis for practitioners and researchers, outlining a robust framework for corporate spam protection and highlighting future research directions in adaptive, multi-faceted spam filtering.