How can I prevent spam from being sent via Exchange Activesync

I'm currently using Cloudmark Spam filter for Windows Server.  The problem I'm having is that each and every email gets sent to the associated phones that are tied in using Exchange Activesync 2007.  It's killing the phone batteries as they are receiving hundreds of emails a day when they should only be getting the 'valid' emails that are not spam.

Is there a solution for this?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
The only way to stop spam getting to your phone via Activesync is to stop the spam getting to your mailbox in the first place.

If cloudmark isn't up to the job, I'd recommend you try something else such as Vamsoft ORF which I use and it is brilliant - ($239 per server).
You can also create a 'Rule' from Outlook or OWA and move the SPAM to any other folder other than the INBOX as Exchange ActiveSync will only sync emails that come into the INBOX

or as alanhardisty says, get a new spam filter... ;-)

Let us know how it goes.
Don't waste your time and money on another 3rd party product.  I am very familiar with Cloudmark's products and at one point recommended them to everyone.  (I still do for standalone Outllook customer's not connected to Exchange).  Exchange includes all you need to do a better job than any 3rd party spam tool.  The below steps will block the message before it hits the user's mailbox preventing them from getting the spam on any device.

Step 1.  Cancel Cloudmark (of course you could just temporarily disable until after you try this).
Step 2. Add IP Block List Providers in Exchange Management (Organization Configuration/Hub Transport/Anti-Spam/IP Block List Providers/Providers)
Step 3. Hear the praises of your users and send me a check for half the money you just saved. :-)

Ok, a little more detail on step 2. You may need to investigate which providers work best for you but start with SpamHaus (  It's the most reliable one out there in my opinion.  I also use Barracuda Central as a secondary provider ( on my own server--you have to register your ip with them (no fee).  When adding the lists, put your provider's name in the provider name fileld and the address (i.e. in the Lookup Domain field.  Select Match any return code and click OK. You can add multiple block list providers.  

Here are some more you can use too but I find adding too many causes false positives.  UCEProtect (, and, SpamCannibal (, Swinog (, SpamCop ( and SORBS (  Note that all of these lists are free.  Barracuda is the only one requiring a registration.

Let me know if you  need any more detail.  It really is very simple.  Good luck!
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

creativenetworksAuthor Commented:
One of the things I like about Cloudmark is that it 'holds' your spam in a local Outlook folder for review and release if needed.  Can you elaborate on how or if Exchange does that?  I'm definitely interested in a different solution if it works better.  Being a systems integrator I also have access to Kasperskys Spam product but ran into an issue where Outlook was having Sync issues when used.

Great option above btw!
Alan HardistyCo-OwnerCommented:
Vamsoft's biggest bonus is the use of greylisting - rejecting the first connection attempt from unknown sources.  This alone kills most spam dead as spammers tend to connect, dump and leave, not hang around or try to resend.

Next attempt the mail has to jump through lots of hoops otherwise it gets rejected.  Has to be seen to be believed.
yes you can do that in exchange. you can define what happens to messages based on their spam confidence level (scl rating). the ONLY reason to use a third party spam tool is if you don't want to take the time to learn how to use the features of exchange that the 3rd party tools configure for you.
creativenetworksAuthor Commented:
Can I use Cloudmark AND Exchange together?  In other words have Exchange to first level scanning and Cloudmark only scan what gets through Exchange?
creativenetworksAuthor Commented:
Bitmasters, I've setup spamhouse as a test.  Can you tell me where the spammed emails go?  Do they get returned or spooled locally so I can release an email that should have gone through?

Thanks so much for an apparent easy solution.

Also do I need to register with Spamhouse or simply add their name and url?

Thanks again
The purpose of the block list is to rate all messages that hit your server.  It's up to the server to determine what to do with the message.  With the basic instructions I gave you (which are the recommended settings) the server will reject messages (send them back to the sender) with a message that tells the sender it was rejected and by which provider.  You can configure exchange to  ignore certain codes and let the messages come through but its not recommended.  You have other methods to block, delete or quarantine messages also by using the Content Filtering tool of exchange.  Just letting Exchange do it's thing with all the antispam checks coupled with adding block lists and even just alone will be extremely effective in combatting spam.

Spamhaus recommends that you let your system reject the messages that fail so that the sender knows they have a problem and also so that we just don't accept spamming.  If the spammer doesn't get rejected he keeps on sending them.  You will encounter a valid sender now and then that complains he can't get messages to you.  Test their domain at and it will tell them which block list is rejecting them with instructions on how to get it fixed.

My clients that had Cloudmark cancelled their service after I configured exchange with a block list and have never complained since about spam.  I am sure commercial spam blockers hate it when you find out you really don't need them.

Here is SpamHaus' policy on whether you need to pay.  Note the definition of commercial use at the bottom of the page.  Essentially if you have less than 100,000 smtp connections a day and your query volume is less than 300,000 per day and you are not reselling spam blocking services then you qualify for free service.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
creativenetworksAuthor Commented:
Worked to perfection!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.