Exchange Server 2007 : Enable Antispam Configuration

1/30/2011 9:37:19 AM
Problem : Both the Edge Transport and Hub Transport servers have the capability to protect your organization from spam. However, the Hub Transport server doesn’t seem to have the features turned on. How do you get my antispam working on the Hub Transport Server and how do you configure the settings?

Solution :
The recommendation is to work with your antispam settings on your Edge Transport server. However, in the event you do not have an Edge Transport server, you can enable these same features on your Hub Transport server. To do this, perform the following:

Open the EMS.

If you installed Exchange to the default directory, change your directory location within the shell to C:\program files\Microsoft\Exchange Server\Scripts.

Then type ./install-AntiSpamAgents.ps1.

Next, restart your Transport Service.

Return to the EMC, and under the Organization work center and Hub Transport settings, look for the Anti-Spam tab (which didn’t exist before).

To locate the tools on the Edge Transport server, open the EMC, select Edge Transport, and then look for them on the Anti-Spam tab.

The Nine Antispam Features

As you can see in Figure 1, you can configure nine different antispam features. Each one has its own ability to protect (some might be used more than others). This is not to say you shouldn’t consider additional antispam or antivirus products. Many solutions can assist in the battle against spam.

Figure 1. The nine antispam features.

To work with the antispam features, double-click any of them from within the list. The key then is to know how to configure the settings. Let’s review each of the options and how they work.

  • Content Filtering— Filters junk email by using a probability-based algorithm that can learn what is and what isn’t spam. Use the Content Filtering feature to filter junk email based on the content of the message. You can set the filtering threshold actions, how content is analyzed, recipient exceptions, and specific words and phrases for the Content Filtering feature to act upon. You can configure custom words and exceptions. You can also determine Spam Confidence Level (SCL) rating thresholds, as shown in Figure 2.

    Figure 2. Spam Confidence Level (SCL) ratings.


    Messages with an SCL of 9 are more likely to be spam, whereas those of 0 are likely not to be spam. Depending on the types of issues found with an email, the SCL rating will rise. You can configure the SCL response to delete the message if it reaches a threshold, or to quarantine it or reject the message. If you quarantine it, you have to provide a quarantine mailbox for the server to use.

  • IP Allow List— Specifies IP addresses that you are always allowed to connect to and transmit email messages to this server. Accept connections from individual IP addresses or from ranges of IP addresses.

  • IP Allow List Providers— Maintains lists of sender domains that can be relied on not to send junk email. Use this feature to determine which IP Allow List provider to use.

  • IP Block List— Similar to its Allow List counterpart, you specify IP addresses that you are blocking from connecting to and transmitting email messages to and from.

  • IP Block List Providers— Maintains lists of sender domains that cannot be relied on and that must be blocked from connecting to and transmitting email messages to and from. These block list providers can be invaluable in that they maintain up-to-date lists that you can connect to and utilize.

  • Recipient Filtering— A simple feature where you can specify a list of email recipients from which the server will not accept messages. You can block individuals or domains. There is also a checkbox option on the Blocked Recipient tab that enables you to, with one click, block messages sent to recipients not listed in the Global Address List.

  • Sender Filtering— Specifies a list of email senders that you want to block completely. You can block individuals, domains, or whole domain hierarchies. You can also specify how Exchange Transport servers respond when a blocked sender or domain transmits a message. The Sender Filter feature also lets you block messages that do not specify who sent a message. This means no messages with blank senders.

  • Sender ID— Intended to combat email spoofing and to provide enhanced protection against phishing schemes. Use Sender ID to examine a senders purported responsible address (PRA). If the check fails, you can determine whether you want to reject or delete the message, or send it along with a stamped message of Sender ID results.

  • Sender Reputation— Collects information about recent email messages received, and if a sender appears to be the source of junk email, the address is added to a list. There is some flexibility as to the length of time a sender can be blocked, and you can also enable/disable open proxy testing.

Antispam Updates

To update the Edge Transport servers’ antispam agents, you can disable and then re-enable the updates from the Actions pane. This presents you with the Enable Anti-Spam Updates Wizard, shown in Figure 3.

Figure 3. Antispam updates.

You can configure the updates to occur manually or automatically. You can allow/deny spam signature updates and IP reputation updates. You can also configure the update service to use the Microsoft Update process to keep definitions up to date.

  •  Exchange Server 2007 : Establish EdgeSync Subscriptions
  •  Managing Exchange Server 2010 : The Exchange Control Panel (ECP)
  •  Managing Exchange Server 2010 : The Exchange Management Console
  •  Migrating from Legacy SharePoint to SharePoint Server 2010 : Using Visual Upgrade
  •  Migrating from Legacy SharePoint to SharePoint Server 2010 : Performing a Database Attach Upgrade
  •  SharePoint 2010 : Performing an In-Place Upgrade of a SharePoint Environment
  •  Sharepoint 2007: Create a New List Item
  •  Sharepoint 2007: Create a New Document
  •  Exchange Server 2007 : Administrate Transport Settings - Manage Connectors (Send and Receive)
  •  Exchange Server 2007 : Administrate Transport Settings - Configure Journaling
  •  Managing Exchange Server 2010 : The Exchange Management Shell (part 3) - Reporting with the Exchange Management Shell
  •  Managing Exchange Server 2010 : The Exchange Management Shell (part 2) - Remote PowerShell
  •  Managing Exchange Server 2010 : The Exchange Management Shell (part 1) - Bulk user creation in the Exchange Management Shell
  •  Migrating from Legacy SharePoint to SharePoint Server 2010 : Planning for an Upgrade to SharePoint 2010
  •  Migrating from Legacy SharePoint to SharePoint Server 2010 : Formulating a Migration Strategy
  •  Sharepoint 2007: Upload a File Using the Explorer View
  •  Sharepoint 2007: Upload a File Using Web Folders
  •  Sharepoint 2007: Upload a File from an Office Application
  •  Sharepoint 2007: Upload a File - Upload a File from the Web Interface
  •  Exchange Server 2007: Manage Recipients - Configure Expansion Servers
    Top 10
    Silverlight Tools: Silverlight IDEs
    Persisting Data on the Client with Silverlight 4
    Windows Server 2008 : Using Windows Server Update Services
    Algorithms for Compiler Design: PREDICTIVE PARSING ERROR RECOVERY
    iPhone 5 rumors fueled by new iPad released
    Using Non-Windows Systems to Access Exchange Server 2010 : Understanding Non-Windows–Based Mail Client Options
    Windows 7 :Navigating Your Computer with the Address Bar (part 2) - Using Selected Paths to Quickly Navigate Your Computer
    Sharepoint 2007: Create a New Document Library
    Windows Server 2008 : Installing and Configuring Websites (part 1) - Creating a Website with IIS 7.5 & Creating a Virtual Directory
    Most View
    SQL Server 2008 Command-Line Utilities : The sqldiag Command-Line Utility
    Visual Studio 2010 : Writing Custom Facebook Applications - Querying Data from Facebook
    Wireless Networking Essentials (Part 2) : Wireless Repeater, Limitation Of A Wireless Network
    Programming .NET Security : Symmetric Encryption Explained (part 2) - Cipher Modes
    Microsoft XNA Game Studio 3.0 : Displaying Images - Using Resources in a Game (part 1) - Loading XNA Textures
    How to set up your own virtual private network (Part 2)
    Expert computing advice (Part 2)
    Windows Phone 7 Development : Wiring Up Events to an Application Bar ( part 1) - Reacting to Add Button Events
    Windows Server 2008 R2 and Windows 7 : Overview of Branchcache & Planning to Deploy Branchcache
    Resolve a Hostname to an IP Address
    SQL Server 2008 : Managing Query Performance - Forcing a Specific Execution Plan
    Building LOB Applications : Implementing CRUD Operations in WCF Data Services
    SQL Server 2008 : Transact-SQL Programming - TOP Enhancements
    Migrating from Legacy SharePoint to SharePoint Server 2010 : Performing a Database Attach Upgrade
    IIS 7.0 : Enabling and Configuring FRT - Tracing a Specific Error Code
    iPhone Application Development : Working with Text, Keyboards, and Buttons (part 1) - Adding Text Fields
    Exchange Server 2010 : Backup and Disaster Recovery Planning
    Windows 9 : What to expect - 32-bit support , WinRT & XNA
    Exchanging XML Messages over HTTP
    Deploying the Client for Microsoft Exchange Server 2010 : Planning Considerations and Best Practices