How to Calculate the False Positive Rate of an Email Solution?

How to Calculate the False Positive Rate of an Email Solution?

While email filtering services play an invaluable role in protecting companies from malware, ransomware, and phishing scams, there is always the fear that legitimate messages could inadvertently be filtered out as well. After all, the last thing an organization needs is to have a message from one of its top clients quarantined as spam!

Because of this, understanding how false positive rate is calculated is an important thing to consider when comparing different email filtering solutions. By choosing a provider with a low false positive rate, you can have confidence that you aren’t missing out on any important messages due to your spam filtration system.

Understanding False Positive Rate

In the email filtering world, the term “false positive” is used to describe any time a legitimate email that is accidentally quarantined. Calculating this rate is fairly straightforward -- all you need to do is take the total number of good emails that were blocked, and divide that number by the total number of good emails received.

Remember, just because a legitimate email was blocked, doesn’t mean it is gone forever. Modern email filtering systems rely on a “quarantine” method that scores all emails and then prevents messages with a higher score from reaching your inbox. However, the quarantined emails are still accessible to individuals with the proper permissions. This allows someone who knows how to identify spam to look in the quarantine and find any legitimate messages that may have been incorrectly flagged as spam. Legitimate messages can be released from the quarantine, and then users can compare this number to the total number of legitimate emails received during the same time period.

After these basic tasks have been taken care of, the resulting percentage gives you a clear idea of how many of your good emails are falsely marked as spam. Obviously, the lower your false positive rate, the better your email filtering system will be for your business.

What Is a Good False Positive Rate?

Knowing the percentage of your emails that are improperly quarantined is a good start -- but how can you know if you need to get a different spam filter? First, it’s important to understand that after you first activate an email filtering system, you are more likely to see false positives. Checking the quarantine folder to release any legitimate messages and making adjustments to the whitelist during this initial period should then be enough to prevent most (if not all) false positives in the future.

After your initial whitelisting session, you should hardly ever see any false positives. In fact, this has become the expected norm for much of the email filtering industry. A third-party company, like Virus Bulletin, routinely tests email security solutions to check their false positive rates. To earn the company’s VBSpam+ distinction, a filtering service cannot have a single false positive during the testing period.

While a VBSpam+ award doesn’t guarantee that you won’t ever have false positives in the future, companies that achieve this distinction are able to provide a 99.5% zero false positive rate, with a minimal 2.5% false positive rate for newsletters. With such low false positive rates, email managers can spend less time worrying about messages that may have gone missing and more time focused on the tasks that matter most.


Protecting your company from phishing attempts and malware is important. But you don’t want to do this in a way that causes you to miss out on important messages from clients, vendors, and others that help keep your organization going. By understanding how false positive rate is calculated and choosing an email security solution that minimizes the potential for these mishaps, your company will be better positioned for safe and steady growth in our increasingly digital world.