Forefront Security for Exchange spam filtering

Posted on 2011-03-07
Last Modified: 2012-05-11
We recently disabled antispam services in exchange because it was blocking important emails coming through. We are using forefront as well for exchange. After disabling antispam in exchange we were planning on releying on forefront to take care of everything. We got tons and tons of spam over the weekend. FOrefront doesnt seem to user friendly and I cant see where it would be filtering for spam or if we need to enable it, or even if there is a built in list. Can someone please tell me how to filter for spam in forefront, or how to fine tune it. Thanks.
Question by:JessicaWatters
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 350 total points
ID: 35057801
When you install Forefront Protection for Exchange (FPE 2010) it automatically disables the filtering within that Exchange server regardless of whether you think you have enabled it or not. If you think about it, it would be nigh on impossible to have two filtering systems active at the same time.

Do you actually understand how spam filtering works?

Have you reviewed the policy sections within the FPE console to decide on which engines you want to use and what you want to do with the spam that is found?  ie delete/quarantine etc?

Author Comment

ID: 35058365
Well when I disable content filtering in exchange on the antispam tab we get tons of spam coming in to users, and if I re-enable the content filtering (in exchange) it seems to stop the spam. I was told by one of our IT consultants that we didnt need to have it enabled because it was doing double work and may catch emails we should be getting, and let forefront do the filtering, which it doesnt seem to be doing unless what I disabled is part of forefront to begin with. There must be something I am missing here.

Author Comment

ID: 35058388
By "engines you want to use", do you mean file scanners? If so we are using 4 diff. scanners and set to quarentine. I only see viruse quarentined.....nothing on content.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

LVL 51

Accepted Solution

Keith Alabaster earned 350 total points
ID: 35058710
The Exchange control is in the Exchange System Manager and should be left as enabled. However, the FPE install then takes all of this over and it is then controlled via the FPE console. You should not amend anything in regards to spam/content in the Exchange system manager at all - leave it alone :)

Have you added anything to the FPE content control such as keyword filters or the like? I know it is not an intuitive interface but you do get used to it - honest.
If you open the gui - select Policy management - Filter lists - create
This will give you a list of things you can do.

Author Comment

ID: 35058999
We are using version 10.2.0942.0 with sp2. I dont see policy mgmt, however see filtering-filter lists, and I have a few things in there. Is there where you are refering to? Dont see anything on "create".
Our IT consultants "disabled" all antispam services in exchange 2007 hub console, I had to re-enable them as per what you mentioned above.  
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35059192
thats the old FSE application - that system has been replaced by Forefront Protection for Exchange (Version 11).
This MAY be of some use to you

Featured Post

Ready to trade in that old firewall?

Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question