• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4790
  • Last Modified:

Anti-spam on Exchange


I installed the anti-spam script in the console and left it as is as I don't really have anyone I want to block or allow, I was kind of hoping that the anti-spam would sort things out for me. Now, all emails are getting rejected by the anti-spam.

I had to go into the console and disable 'content filtering' and now spam populates our mailboxes again. Can someone please explain how to configure the anti-spam services provided in exchange.

Our receive connectors are set to allow all mail from ports 587 and 25. Send connectors send mail to our smart host which is our sendmail server.

Can someone point me in the right direction?
  • 2
  • 2
1 Solution
Network_PadawanAuthor Commented:
I also got the following warning in my event logs

"Anti-spam agents are enabled, but the list of internal SMTP servers is empty. If there are any MTAs between this server and the Internet, populate this list by using the Set-TransportConfig cmdlet in the Exchange Management Shell."

I went to the console and typed: set-TransportConfig -InternalSMTPServer (which is our sendmail on the edge) and I got the following error:

Set-TransportConfig : Cannot bind parameter 'InternalSMTPServers'. Cannot conve
rt value "203.380.180.201" to type "Microsoft.Exchange.Data.IPRange". Error: "T
he format of the IP address 203.380.180.201 is invalid. Example of a valid IP a
At line:1 char:40
+ set-transportconfig -InternalSMTPServer  <<<< 203.380.180.201

I don't understand what's going on here.
If you have a Sendmail server on the Edge that is what should be doing the spam filtering. By the time it gets to Exchange that is too late.

All of the antispam options are enabled by default, I would suggest you turn them all off, so that you can configure them correctly before enabling them again.

Network_PadawanAuthor Commented:
Hi Mestha,

You are right but I just wanted to test it thats all. I read from all manner of exchange books that Exchange hub transport can remove spam, it doesn't need it at the edge (though I know the edge having the anti-spam configured is the best option).

Can I ask you one question mestha? It states at the transport config that I need to declare all Internal SMTP Servers to bypass the content filtering. Does all internal SMTP servers mean just the one exchange server I have or the smarthost that is sitting in the DMZ aswell?

It is NON Exchange servers that have to be entered. Exchange knows when the message has originated from another Exchange server.

Configure the list of internal SMTP servers
If your Edge Transport servers are subscribed into the Exchange organization, you must perform the following tasks on a Hub Transport server. The configuration is stored in Active Directory and then the Microsoft Exchange EdgeSync service ensures that the list of internal SMTP servers is propagated to all your subscribed Edge Transport servers.
To configure the list of internal SMTP servers:
1. Open the Exchange Management Shell.
2. To add a single IP address or multiple IP addresses to the list, run the following command: Set-TransportConfig -InternalSMTPServers:"",""
3. To add a range of IP addresses to the list, run the following command: Set-TransportConfig -InternalSMTPServers:""
4. To add a subnet mask to the list, run the following command: Set-TransportConfig -InternalSMTPServers:""
5. To add a Classless Interdomain Routing (CIDR) IP address to the list, run the following command: Set-TransportConfig -InternalSMTPServers:""
6. To display internal SMTP servers setting: "Get-TransportConfig | fl InternalSMTPServers"
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now