Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Forefront Security for Exchange spam filtering

Posted on 2011-03-07
Medium Priority
Last Modified: 2012-05-11
We recently disabled antispam services in exchange because it was blocking important emails coming through. We are using forefront as well for exchange. After disabling antispam in exchange we were planning on releying on forefront to take care of everything. We got tons and tons of spam over the weekend. FOrefront doesnt seem to user friendly and I cant see where it would be filtering for spam or if we need to enable it, or even if there is a built in list. Can someone please tell me how to filter for spam in forefront, or how to fine tune it. Thanks.
Question by:JessicaWatters
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 1400 total points
ID: 35057801
When you install Forefront Protection for Exchange (FPE 2010) it automatically disables the filtering within that Exchange server regardless of whether you think you have enabled it or not. If you think about it, it would be nigh on impossible to have two filtering systems active at the same time.

Do you actually understand how spam filtering works?

Have you reviewed the policy sections within the FPE console to decide on which engines you want to use and what you want to do with the spam that is found?  ie delete/quarantine etc?

Author Comment

ID: 35058365
Well when I disable content filtering in exchange on the antispam tab we get tons of spam coming in to users, and if I re-enable the content filtering (in exchange) it seems to stop the spam. I was told by one of our IT consultants that we didnt need to have it enabled because it was doing double work and may catch emails we should be getting, and let forefront do the filtering, which it doesnt seem to be doing unless what I disabled is part of forefront to begin with. There must be something I am missing here.

Author Comment

ID: 35058388
By "engines you want to use", do you mean file scanners? If so we are using 4 diff. scanners and set to quarentine. I only see viruse quarentined.....nothing on content.
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 51

Accepted Solution

Keith Alabaster earned 1400 total points
ID: 35058710
The Exchange control is in the Exchange System Manager and should be left as enabled. However, the FPE install then takes all of this over and it is then controlled via the FPE console. You should not amend anything in regards to spam/content in the Exchange system manager at all - leave it alone :)

Have you added anything to the FPE content control such as keyword filters or the like? I know it is not an intuitive interface but you do get used to it - honest.
If you open the gui - select Policy management - Filter lists - create
This will give you a list of things you can do.

Author Comment

ID: 35058999
We are using version 10.2.0942.0 with sp2. I dont see policy mgmt, however see filtering-filter lists, and I have a few things in there. Is there where you are refering to? Dont see anything on "create".
Our IT consultants "disabled" all antispam services in exchange 2007 hub console, I had to re-enable them as per what you mentioned above.  
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35059192
thats the old FSE application - that system has been replaced by Forefront Protection for Exchange (Version 11).
This MAY be of some use to you

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This video discusses moving either the default database or any database to a new volume.

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question