Microsoft has continued to improve the
antispam capabilities of Exchange over the past few years. This
evolution has continued through Exchange Server 2007 and to Exchange
Server 2010. Out of the box, many of the antispam agents are enabled
and configured; the configuration is usually targeted toward a typical
organization. You can make some tweaks to ensure that your organization
is filtering spam effectively. You can find the antispam features of
the Edge Transport server on the Anti-spam tab, as shown in Figure 1.
There you can see the different antispam options you can configure for the Exchange 2010 Edge Transport server.
Company DEFG is an 18-person company that had become
overwhelmed with spam. In the early days of the Internet, this company
had widely posted its employees' email addresses on its website;
further, many employees participated in online forums and made no
effort to mask or obfuscate their email addresses. The average employee
received between 100 and 300 spam messages per day, and they were
relying on client-side technologies, such as the Outlook junk email
filter, to clean up their junk email.
Analyzing the connections on their Exchange 2003
server, you would see between 5 and 40 bot connections at any given
time, each trying to deliver to a series of random email addresses. In
one 24-hour period, this small company had more than 18,000 connections
and connection attempts, most by spammers.
By using the Exchange 2010 content filter (set to
reject everything with an SCL of 7 or above and put everything with an
SCL of 4 or above into the user's Junk Email folder) as well as using
the Spamhaus ZEN block list, they were able to dramatically reduce the
amount of spam making it to the user's mailbox.
After these features were enabled, the average user
received fewer than two to three spam messages directly in their Inbox
each day, and their Junk Email folder usually had 10 to 15 messages per
day.
1. Enabling Antispam Agents for Hub Transport Servers
Out of the box, the Exchange 2010 Edge Transport
server has several useful features that can help you dramatically
reduce the amount of spam that you are receiving. If you do not deploy
the Edge Transport server role and only use Hub Transport servers,
these antispam transport agents can be installed on your Hub Transport
servers as well.
You will find two PowerShell scripts (Install-AntispamAgents.ps1 and Uninstall-AntispamAgents.ps1) in the folder C:\Program Files\Microsoft\Exchange Server\v14\scripts.
On each of your Hub Transport servers on which you will be using the antispam agents, you will need to run the Install-AntispamAgents.ps1
script. This script only needs to be run on the Hub Transport servers
that will receive inbound email from outside your organization.
To run the installation script, open the EMS, change to the scripts folder listed earlier, and then type this command:
.\Install-AntispamAgents.ps1
After you run this command, you will need to restart
the Microsoft Exchange Transport service, then close and reopen any
instances of the EMS and EMC.
2. Enabling Automatic Updates for the Antispam Signatures
If you want to receive antispam signature updates
and IP reputation service updates, you will need to enable antispam
updates. You need to do this on all Hub Transport servers that receive
email from the Internet and Edge Transport servers. To enable all
updates to be automatically processed, here is the command we recommend
running (entered as a single command; the backtick continues a line):
Enable-AntispamUpdates -IPReputationUpdatesEnabled $True `
-SpamSignatureUpdatesEnabled $True -UpdateMode Automatic `
-MicrosoftUpdate RequestScheduled
Once you run this command, you should stop and
restart the Windows Update service. Note that automatic antispam
updates depend on the Microsoft Update service functioning. You can verify
the version of the updates that are being downloaded by using the Get-AntispamUpdates cmdlet, as in this example:
Get-AntispamUpdates
RunspaceId : 8752c366-c8c7-4304-bf2d-eb0de9cc2808
UpdateMode : Automatic
LatestContentFilterVersion : 3.3.4604.600
SpamSignatureUpdatesEnabled : True
LatestSpamSignatureVersion : 3.3.4604.600
IPReputationUpdatesEnabled : True
LatestIPReputationVersion : 3.3.4604.001
MicrosoftUpdate : RequestScheduled
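The two procedures above can be combined into one re-runnable script that installs the agents only when none are registered, refuses to continue while any agent is missing or disabled, and then enables and checks the updates. This is an added example, not code from the original article; the six agent names and the service names MSExchangeTransport and wuauserv are assumptions about a default Exchange 2010 Hub Transport installation.

```powershell
# Added example, not from the original article. Save as a .ps1 file and run it in
# the EMS on a Hub Transport server that receives mail from the Internet.
$scripts  = 'C:\Program Files\Microsoft\Exchange Server\v14\scripts'  # path from the article
# Assumption: default names of the agents the install script registers on a Hub.
$expected = 'Connection Filtering Agent', 'Content Filter Agent', 'Sender Id Agent',
            'Sender Filter Agent', 'Recipient Filter Agent', 'Protocol Analysis Agent'

function Get-AntispamAgentState {
    # One row per expected agent, with State = Enabled, Disabled or Missing.
    $installed = @(Get-TransportAgent)
    foreach ($name in $expected) {
        $agent = $installed | Where-Object { $_.Identity.ToString() -eq $name }
        $state = if (-not $agent) { 'Missing' } elseif ($agent.Enabled) { 'Enabled' } else { 'Disabled' }
        New-Object PSObject -Property @{ Agent = $name; State = $state }
    }
}

$agents = @(Get-AntispamAgentState)
if (-not ($agents | Where-Object { $_.State -ne 'Missing' })) {
    # No antispam agent registered yet: do step 1, then stop so the shell can be reopened.
    Push-Location $scripts
    try { .\Install-AntispamAgents.ps1 } finally { Pop-Location }
    Restart-Service MSExchangeTransport
    Write-Warning 'Agents installed. Close and reopen the EMS and EMC, then run this script again.'
    return
}

$bad = @($agents | Where-Object { $_.State -ne 'Enabled' })
if ($bad.Count -gt 0) {
    $list = ($bad | ForEach-Object { "$($_.Agent) [$($_.State)]" }) -join ', '
    throw "Antispam agents need attention before updates are enabled: $list"
}

# Step 2: the command from the article, written with backtick line continuation.
Enable-AntispamUpdates -IPReputationUpdatesEnabled $true `
    -SpamSignatureUpdatesEnabled $true -UpdateMode Automatic `
    -MicrosoftUpdate RequestScheduled
Restart-Service wuauserv   # Windows Update service

$u = Get-AntispamUpdates
if ($u.UpdateMode.ToString() -ne 'Automatic' -or -not $u.SpamSignatureUpdatesEnabled -or
    -not $u.IPReputationUpdatesEnabled) {
    Write-Warning 'Antispam updates are not fully enabled; review the values below.'
}
$u | Format-List UpdateMode, SpamSignatureUpdatesEnabled, IPReputationUpdatesEnabled, Latest*Version
```

The first run on a server without the agents stops after the install and the transport restart; the second run, from a reopened shell, performs the agent check and the update configuration.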