Forefront Security for Exchange spam filtering

We recently disabled antispam services in exchange because it was blocking important emails coming through. We are using forefront as well for exchange. After disabling antispam in exchange we were planning on releying on forefront to take care of everything. We got tons and tons of spam over the weekend. FOrefront doesnt seem to user friendly and I cant see where it would be filtering for spam or if we need to enable it, or even if there is a built in list. Can someone please tell me how to filter for spam in forefront, or how to fine tune it. Thanks.
JessicaWattersAsked:
Who is Participating?
 
Keith AlabasterEnterprise ArchitectCommented:
The Exchange control is in the Exchange System Manager and should be left as enabled. However, the FPE install then takes all of this over and it is then controlled via the FPE console. You should not amend anything in regards to spam/content in the Exchange system manager at all - leave it alone :)

Have you added anything to the FPE content control such as keyword filters or the like? I know it is not an intuitive interface but you do get used to it - honest.
If you open the gui - select Policy management - Filter lists - create
This will give you a list of things you can do.
0
 
Keith AlabasterEnterprise ArchitectCommented:
When you install Forefront Protection for Exchange (FPE 2010) it automatically disables the filtering within that Exchange server regardless of whether you think you have enabled it or not. If you think about it, it would be nigh on impossible to have two filtering systems active at the same time.

Do you actually understand how spam filtering works?

Have you reviewed the policy sections within the FPE console to decide on which engines you want to use and what you want to do with the spam that is found?  ie delete/quarantine etc?
0
 
JessicaWattersAuthor Commented:
Well when I disable content filtering in exchange on the antispam tab we get tons of spam coming in to users, and if I re-enable the content filtering (in exchange) it seems to stop the spam. I was told by one of our IT consultants that we didnt need to have it enabled because it was doing double work and may catch emails we should be getting, and let forefront do the filtering, which it doesnt seem to be doing unless what I disabled is part of forefront to begin with. There must be something I am missing here.
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
JessicaWattersAuthor Commented:
By "engines you want to use", do you mean file scanners? If so we are using 4 diff. scanners and set to quarentine. I only see viruse quarentined.....nothing on content.
0
 
JessicaWattersAuthor Commented:
We are using version 10.2.0942.0 with sp2. I dont see policy mgmt, however see filtering-filter lists, and I have a few things in there. Is there where you are refering to? Dont see anything on "create".
Our IT consultants "disabled" all antispam services in exchange 2007 hub console, I had to re-enable them as per what you mentioned above.  
0
 
Keith AlabasterEnterprise ArchitectCommented:
thats the old FSE application - that system has been replaced by Forefront Protection for Exchange (Version 11).
This MAY be of some use to you
http://technet.microsoft.com/en-us/library/bb795069.aspx
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.