Exchange 2010  content filtering (Anti-SPAM) not working properly

Posted on 2013-01-08
Last Modified: 2013-01-23
Hello all,

I have a windows server 2012 Standard hosting a Virtual windows server 2008R2 with exchange 2010. The exchange 2010 is newly operational and was migrated from a Windows 2003 server with exchange 2003. The old exchange server is still operational since the server is also acting as DC and DNS and I didn't want to remove exchange 2003 until i know that all is working properly on the exchange 2010. The exchange 2010 is fully operational all that needs to be done is the removal of the old exchange from the 2003 server.
My issue is that I've activated the built in anti-spam on the exchange 2010 and configured it with some basic settings and things don't seem to be working right. Also when i try to configure settings such as add multiple domains to the "Allow" list, add multiple e-mails to the "Allow" list to bypass filtering.

More details:
For example I have the "Reject messages with SCL rating greater than or equal to:" unchecked (See image) SCL settings but there are some people who's e-mails still get rejected with my custom rejection error message even though rejection is set to off.(see image) REjection e-mail

I've been able to add just one domain to the "Allow List" (BypassedSenderDomains) but every time I try to add multiple ones I get an error message (see image)Error when adding multiple domains stating that one of the values is already present but from looking at the results of the "get-ContentFilterConfig" command that is not the case. (see image)get-ContentFilterConfig results
The command used was "Set-ContentFilterConfig -BypassedSenderDomains,," (removed original domain names here).

Also when I add a single domain using the "Set-ContentFilterConfig -BypassedSenderDomains" and then run the "get-ContentFilterConfig" to get the settings the previous domain is no longer on the list but the current one added took it's place.
I also cannot add multiple e-mails to the "Allow" List.

Lastly I would like to set the messages with an SCL higher or equal to "7" straight to Outlook's "SPAM" folder when it comes in but can't find how to do it.

Thank you in advance for your help!! It's greatly appreciated!
Question by:1pcxpert
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 16

Assisted Solution

by:Bruno PACI
Bruno PACI earned 500 total points
ID: 38758143

About adding several domain names in the content filter, I'm not sure but I already had problem with other powershell commands... It was about syntax. Try with quotes like that:

Set-ContentFilterConfig -BypassedSenderDomains "","",""

About why you still have some reject mails even after unchecking SCL action:
The Scoring Level rejection in the content filter has nothing to do with Sender Domain filter... Even if you remove any SCL filter you might still have a Sender Domain filter somewhere that blocks e-mails.

About moving spams to an Outlook Folder:
Why not try to "stamp" incoming suspected spam e-mails using a transport rule (you can do it in Exchange) and then add a rule on mailboxes to move stamped messages to a specific folder ?

Author Comment

ID: 38784514
Hello PaciB,
Thanks for the reply.

The problem is not the syntax , I tried it with the quotes as well and had the same result.
Any other ideas?

You were correct , It's the "IP Block List provider" service that was blocking the e-mails and there is no setting that filters allowed domains or users. Unfortunately it'll either block if they are listed on a "Blacklist" or allow the e-mail through if they're not. so in short if I want all my clients to be able to send e-mail and have it all be accepted by the server I have to "disable" that on the server which sucks since it would be better if it gave me the option to filter. I thought the "SCL filtering" and the "IP Block List provider" worked together but they don't.

I already have a transport rule that labels any e-mail with an SCL rating equal to 5 or above with a "***Possible SPAM***" Label. but that doesn't  automatically place the e-mail in the "SPAM" folder, some goes into the "SPAM" folder and others don't.  Also if I do what you recommend then it opens up other potential headaches on each client PC that has that configuration i.e the outlook rule gets corrupted and needs looking into. I want to avoid having to deal with each client PC and want to have more of a central control over this to avoid more work for myself. What I want to know is how to adjust the SCL filtering in a way that I tell the server (and outlook) if an e-mail comes in with an SCL rating equal to or higher then 6  it should automatically make it go to the "SPAM" folder in outlook for any client PC.

Thanks again for the help, i appreciate it!
LVL 16

Accepted Solution

Bruno PACI earned 500 total points
ID: 38784594

About a transport rule to tag messages as spam so that Exchange will store them in "Junk mail" folder, take a look at chapter 8.8.2 of this article :

If the transport rule forces the Spam Confident Level (SCL) to 9 then the mail should be stored in the Junk Mail folder.

You may try a rule like that :
"If the SCL is above 'N' then set the SCL to 9" and test it.

Have a good day

Author Closing Comment

ID: 38812500
Thanks again for the help !
Much appreciated!

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import an Outlook PST file to Office 365 using a third party product to avoid Microsoft's Azure command line tool, saving you time.
In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question