Forefront Security for Exchange spam filtering

Posted on 2011-03-07
Last Modified: 2012-05-11
We recently disabled antispam services in exchange because it was blocking important emails coming through. We are using forefront as well for exchange. After disabling antispam in exchange we were planning on releying on forefront to take care of everything. We got tons and tons of spam over the weekend. FOrefront doesnt seem to user friendly and I cant see where it would be filtering for spam or if we need to enable it, or even if there is a built in list. Can someone please tell me how to filter for spam in forefront, or how to fine tune it. Thanks.
Question by:JessicaWatters
  • 3
  • 3
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 350 total points
ID: 35057801
When you install Forefront Protection for Exchange (FPE 2010) it automatically disables the filtering within that Exchange server regardless of whether you think you have enabled it or not. If you think about it, it would be nigh on impossible to have two filtering systems active at the same time.

Do you actually understand how spam filtering works?

Have you reviewed the policy sections within the FPE console to decide on which engines you want to use and what you want to do with the spam that is found?  ie delete/quarantine etc?

Author Comment

ID: 35058365
Well when I disable content filtering in exchange on the antispam tab we get tons of spam coming in to users, and if I re-enable the content filtering (in exchange) it seems to stop the spam. I was told by one of our IT consultants that we didnt need to have it enabled because it was doing double work and may catch emails we should be getting, and let forefront do the filtering, which it doesnt seem to be doing unless what I disabled is part of forefront to begin with. There must be something I am missing here.

Author Comment

ID: 35058388
By "engines you want to use", do you mean file scanners? If so we are using 4 diff. scanners and set to quarentine. I only see viruse quarentined.....nothing on content.
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

LVL 51

Accepted Solution

Keith Alabaster earned 350 total points
ID: 35058710
The Exchange control is in the Exchange System Manager and should be left as enabled. However, the FPE install then takes all of this over and it is then controlled via the FPE console. You should not amend anything in regards to spam/content in the Exchange system manager at all - leave it alone :)

Have you added anything to the FPE content control such as keyword filters or the like? I know it is not an intuitive interface but you do get used to it - honest.
If you open the gui - select Policy management - Filter lists - create
This will give you a list of things you can do.

Author Comment

ID: 35058999
We are using version 10.2.0942.0 with sp2. I dont see policy mgmt, however see filtering-filter lists, and I have a few things in there. Is there where you are refering to? Dont see anything on "create".
Our IT consultants "disabled" all antispam services in exchange 2007 hub console, I had to re-enable them as per what you mentioned above.  
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35059192
thats the old FSE application - that system has been replaced by Forefront Protection for Exchange (Version 11).
This MAY be of some use to you

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
powershell mailbox move question 8 43
Exchange 2016 Services 1 31
Remote Powershell Issue 3 28
New-MoveRequest Exchange 2010 Powershell 1 35
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
This video discusses moving either the default database or any database to a new volume.

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question