-
1
- #1
If you aren't already running the Exchange Intelligent Message Filter you should get on it. This message filter isn't rule based, so it doesn't require updates as much as some rule based spam filters.
But like security, it's always good to have layers. Why not have 2 spam filters?
Also use a public RBL site (spamcop.net, there are more but this is the one I chose) to reverse look-up spammers and strip even more spam from my system.
When do you this, keep in mind tha the IMF will happen first, then this filter, so your IMF spam folder might contain messages that are on known spam lists, but that's a good thing right?
Here's how to configure it:
1.) In Server Management, expand Advanced Management, First Organization (Exchange) and Global Settings
2.) Right-click Message Delivery and choose Properties
3.) Since we're going to spam filter on connection, change to the Connection Filter tab to add the RBL info
4.) Click Add... to add a new filter
5.) In Display Name type the name of the filter so you can recognize it (It also appears in a default NDR message shown later in this bullet), like SpamCop. In the DNS Suffix of Provider is where you do your leg work to find the RBL sites DNS suffix, for example, spamcop.net's suffix is bl.spamcop.net, so I added this in there. In the final field Custom Error Message to Return I leave blank since it will return an email in the form of {Sender IP Address} has been blocked by {Display Name}.... I do not use the Return Status Code
6.) Now we've created filter, we need to tell Exchange to use it.
7.) Drill down into Servers, {Servername}, Protocols, SMTP and right-click on Default SMTP Virtual Server and select Properties
8.) On the General tab, choose Advanced
9.) Highlight All Unassigned and choose Edit
10.) Check the box Apply Connection Filter, and click OK until you're back to Server Management
That's all there is to it, Exchange will now check each message against spamcop.net to not let it into your inbox if spamcop knows the sender as a spammer.
Two layers is better than one!
But like security, it's always good to have layers. Why not have 2 spam filters?
Also use a public RBL site (spamcop.net, there are more but this is the one I chose) to reverse look-up spammers and strip even more spam from my system.
When do you this, keep in mind tha the IMF will happen first, then this filter, so your IMF spam folder might contain messages that are on known spam lists, but that's a good thing right?
Here's how to configure it:
1.) In Server Management, expand Advanced Management, First Organization (Exchange) and Global Settings
2.) Right-click Message Delivery and choose Properties
3.) Since we're going to spam filter on connection, change to the Connection Filter tab to add the RBL info
4.) Click Add... to add a new filter
5.) In Display Name type the name of the filter so you can recognize it (It also appears in a default NDR message shown later in this bullet), like SpamCop. In the DNS Suffix of Provider is where you do your leg work to find the RBL sites DNS suffix, for example, spamcop.net's suffix is bl.spamcop.net, so I added this in there. In the final field Custom Error Message to Return I leave blank since it will return an email in the form of {Sender IP Address} has been blocked by {Display Name}.... I do not use the Return Status Code
6.) Now we've created filter, we need to tell Exchange to use it.
7.) Drill down into Servers, {Servername}, Protocols, SMTP and right-click on Default SMTP Virtual Server and select Properties
8.) On the General tab, choose Advanced
9.) Highlight All Unassigned and choose Edit
10.) Check the box Apply Connection Filter, and click OK until you're back to Server Management
That's all there is to it, Exchange will now check each message against spamcop.net to not let it into your inbox if spamcop knows the sender as a spammer.
Two layers is better than one!