Solved

Can Forefront 2010 Excnage block sender keywords?

Posted on 2010-11-25
13
1,053 Views
Last Modified: 2012-05-10
I have Forefront 2010 for Exchange installed. I get spam from senders such as:-

Best Pfizer <me@mydomain.com>

Obviously I don't want to block my own address or domain in Forefront, what I want to do is scan for certain words in the senders address, or scan the entire email (body, headers and subject etc)...

Can this be done
0
Comment
Question by:Chris Millard
  • 4
  • 3
  • 3
  • +2
13 Comments
 
LVL 33

Expert Comment

by:Busbar
ID: 34211123
configure and enable back scaktter, this will prevent this.
0
 
LVL 17

Author Comment

by:Chris Millard
ID: 34211352
Do you by any chance have a link to how to do this?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34211489
@Busbar - What are you referring to?

Backscatter is the sending on Non Delivery Reports to Spammers due to not having Recipient Filtering on your own server.  What has this got to do with the question?

@roybridge - You can configure Content Filtering on the FTMG server to pick up words that don't get automatically filtered.  Personally - I have found the Anti-Spam measures on Exchange 2010 and FTMG to be severely lacking and have disabled them in favour of Vamsoft ORF - which continues to do a much better job IMHO.
0
 
LVL 16

Expert Comment

by:Auric1983
ID: 34212421
I agree with @Alanhardisty, regarding Vamsoft ORF, it's cheap and works really really well.  We use it here and have close to a 98% spam blocking ratio.



0
 
LVL 33

Expert Comment

by:Busbar
ID: 34212500
@Alan,
FFPE wasn't but biggest strength points I understood BS wrongfully, thanks for pointing it out.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34212754
No probs Busbar.  Wasn't sure if you were posting in the wrong question : )
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34213698
Sure it can do it.

Open the gui - select Policy Management
Select filters - -Filter lists.
Click create - select Keyword - Give the filter a meaningful name - such as 'Naughty Words'
Add the words to the list then click next.
Edit - of necessary - the hub transport details and what to do with emails that match these words and finally whether the filter is to act on inbound, outbound or internal mails (or all of them).
Then click on CREATE.
Job done

0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34213702
You can also select other wizards in the same section for sender, recipient, domains etc and slowly build up your set of rules.
0
 
LVL 17

Accepted Solution

by:
Chris Millard earned 0 total points
ID: 34345840
Unfortunately I have not been able to get ForeFront to block keywords in the senders address, and can not afford to purchase a 3rd party program to do this, so I will live with it for the time being.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34345994
Let me break this down a last time.

In respect to your specific question - turn on the option to allow delivery to addresses named in your central Exchange address list . This will stop the delivery of ANYthing that uses your internal namespace without having a valid user name/mail address. I've attached a screenshot for you to view.

Checking words is performed by a various filer lists as I mention previously.


 block-recip.docx
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34346981
Not sure if my article about preventing spam from your own domain is something you would consider as a solution to your problem.

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_2727-Prevent-Spam-From-Your-Own-Domain-in-Exchange-2007.html

This removes the ability for anonymous users to send mail from your internal domains to your server, cutting this type of spam out completely.

Don't know why I didn't think of this before!

Alan
0
 
LVL 17

Author Closing Comment

by:Chris Millard
ID: 34387548
I have not been able to resolve this issue, so will continue as-is.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 34387606
Absolutely ridiculous.
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now