Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Exchange 2010  content filtering (Anti-SPAM) not working properly

Posted on 2013-01-08
Medium Priority
Last Modified: 2013-01-23
Hello all,

I have a windows server 2012 Standard hosting a Virtual windows server 2008R2 with exchange 2010. The exchange 2010 is newly operational and was migrated from a Windows 2003 server with exchange 2003. The old exchange server is still operational since the server is also acting as DC and DNS and I didn't want to remove exchange 2003 until i know that all is working properly on the exchange 2010. The exchange 2010 is fully operational all that needs to be done is the removal of the old exchange from the 2003 server.
My issue is that I've activated the built in anti-spam on the exchange 2010 and configured it with some basic settings and things don't seem to be working right. Also when i try to configure settings such as add multiple domains to the "Allow" list, add multiple e-mails to the "Allow" list to bypass filtering.

More details:
For example I have the "Reject messages with SCL rating greater than or equal to:" unchecked (See image) SCL settings but there are some people who's e-mails still get rejected with my custom rejection error message even though rejection is set to off.(see image) REjection e-mail

I've been able to add just one domain to the "Allow List" (BypassedSenderDomains) but every time I try to add multiple ones I get an error message (see image)Error when adding multiple domains stating that one of the values is already present but from looking at the results of the "get-ContentFilterConfig" command that is not the case. (see image)get-ContentFilterConfig results
The command used was "Set-ContentFilterConfig -BypassedSenderDomains,," (removed original domain names here).

Also when I add a single domain using the "Set-ContentFilterConfig -BypassedSenderDomains" and then run the "get-ContentFilterConfig" to get the settings the previous domain is no longer on the list but the current one added took it's place.
I also cannot add multiple e-mails to the "Allow" List.

Lastly I would like to set the messages with an SCL higher or equal to "7" straight to Outlook's "SPAM" folder when it comes in but can't find how to do it.

Thank you in advance for your help!! It's greatly appreciated!
Question by:1pcxpert
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 16

Assisted Solution

by:Bruno PACI
Bruno PACI earned 2000 total points
ID: 38758143

About adding several domain names in the content filter, I'm not sure but I already had problem with other powershell commands... It was about syntax. Try with quotes like that:

Set-ContentFilterConfig -BypassedSenderDomains "","",""

About why you still have some reject mails even after unchecking SCL action:
The Scoring Level rejection in the content filter has nothing to do with Sender Domain filter... Even if you remove any SCL filter you might still have a Sender Domain filter somewhere that blocks e-mails.

About moving spams to an Outlook Folder:
Why not try to "stamp" incoming suspected spam e-mails using a transport rule (you can do it in Exchange) and then add a rule on mailboxes to move stamped messages to a specific folder ?

Author Comment

ID: 38784514
Hello PaciB,
Thanks for the reply.

The problem is not the syntax , I tried it with the quotes as well and had the same result.
Any other ideas?

You were correct , It's the "IP Block List provider" service that was blocking the e-mails and there is no setting that filters allowed domains or users. Unfortunately it'll either block if they are listed on a "Blacklist" or allow the e-mail through if they're not. so in short if I want all my clients to be able to send e-mail and have it all be accepted by the server I have to "disable" that on the server which sucks since it would be better if it gave me the option to filter. I thought the "SCL filtering" and the "IP Block List provider" worked together but they don't.

I already have a transport rule that labels any e-mail with an SCL rating equal to 5 or above with a "***Possible SPAM***" Label. but that doesn't  automatically place the e-mail in the "SPAM" folder, some goes into the "SPAM" folder and others don't.  Also if I do what you recommend then it opens up other potential headaches on each client PC that has that configuration i.e the outlook rule gets corrupted and needs looking into. I want to avoid having to deal with each client PC and want to have more of a central control over this to avoid more work for myself. What I want to know is how to adjust the SCL filtering in a way that I tell the server (and outlook) if an e-mail comes in with an SCL rating equal to or higher then 6  it should automatically make it go to the "SPAM" folder in outlook for any client PC.

Thanks again for the help, i appreciate it!
LVL 16

Accepted Solution

Bruno PACI earned 2000 total points
ID: 38784594

About a transport rule to tag messages as spam so that Exchange will store them in "Junk mail" folder, take a look at chapter 8.8.2 of this article :

If the transport rule forces the Spam Confident Level (SCL) to 9 then the mail should be stored in the Junk Mail folder.

You may try a rule like that :
"If the SCL is above 'N' then set the SCL to 9" and test it.

Have a good day

Author Closing Comment

ID: 38812500
Thanks again for the help !
Much appreciated!

Featured Post

Enroll in September's Course of the Month

This month’s featured course covers 16 hours of training in installation, management, and deployment of VMware vSphere virtualization environments. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Suggested Courses

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question