• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 857
  • Last Modified:

Change SCL Number - Exchange 2010 SP3

We are running SBS 2011 and are on Exchange 2010 SP3.  There are some internal emails going into the Junk folder in users Outlook 2010.  They show an SCL number of 9. The first is .wav files being forwarded from our Mitel 5000 phone system which is set up to relay off the Exchange server.  The second, also a relay, is from a program on our HyperV 2008 R2 standalone box.  Both are using internal email addresses, so they should be safe!  We've done the usual - not Junk in Outlook, but because of the SCL rating, that doesn't apply.  So, how does one change an SCL in Exchange when the email address is already in the accounts list?  

Thanks
0
normajm400
Asked:
normajm400
  • 4
  • 3
1 Solution
 
Simon Butler (Sembee)ConsultantCommented:
The fact that they are using internal email addresses means nothing. That is what spammers do. The only way that an email would get through the spam filter without filtering is if it originated on Exchange, which in this case it does not.

Therefore you have two options.

1. Use a transport rule to assign emails from those two sources as SCL -1.

2. Configure a special receive connector for those services, which cannot be seen from the internet, then configure them with the extended right "ms-exch-bypass-anti-spam"

Get-ReceiveConnector "Internal Servers" | Add-ADPermission -User "NT Authority\Anonymous Logon" -AccessRights ExtendedRight -ExtendedRights ms-exch-bypass-anti-spam

Simon.
0
 
normajm400Author Commented:
Thank you Simon for the quick reply.  Because we had the receive connectors set up for the two servers in order to relay, I used option 2.  Will give it an hour or so for the Exchange server to update, then give it a test.  Will post results...
0
 
Simon Butler (Sembee)ConsultantCommented:
Or just restart the transport service, the change is immediate then.

Simon.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
normajm400Author Commented:
Restarted the transport service.  Unfortunately Option #2 didn't work.  Still getting SCL 9 on the messages.  Here's a copy of the email header:

Received: from MitelServer.xxxx.local (192.xxx.xxx.xxx) by
ExchServer.xxxx.local (192.xxx.xxx.xxx) with Microsoft SMTP Server
(TLS) id 14.3.123.3; Mon, 24 Feb 2014 13:15:57 -0600
Received: from root by Mitel5000.xxxxx.local with local (Exim 4.77)
                (envelope-from <service@mycompany.com>)             id 1WI10L-0003jl-9k         for
mgolbach@mycompany.com; Mon, 24 Feb 2014 13:15:54 -0600
From: <service@mycompany.com>
To: <mgolbach@mycompany.com>
Reply-To: <mitelvm@mycompany.com>
Subject: [0:12] Message for MB 582 from a caller at (715) 610-1111
Content-Type: multipart/mixed; boundary="NewPart"
MIME-Version: 1.0
Message-ID: <E1WI10L-0003jl-9k@MitelServer.xxx.local>
Date: Mon, 24 Feb 2014 13:15:53 -0600
Return-Path: service@mycompany.com
X-MS-Exchange-Organization-AuthSource: ExchServer.xxxx.local
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 10
X-AntiMalwareExchange-CommtouchRefID: str=0001.0A020205.530B58DD.0255,ss=3,sh,re=0.000,fgs=0
X-MS-Exchange-Organization-SCL: 9
0
 
Simon Butler (Sembee)ConsultantCommented:
Are you sure it is going through the right connector?
As that should have worked.

Simon.
0
 
normajm400Author Commented:
The ip address listed on the connector matches the IP address of the "Received from: MitelServer".  Not sure where else to look...
0
 
normajm400Author Commented:
Tried option 1 - create a transport rule.  That took care of it.  Those emails are now flowing into the users' inboxes.

Thank you!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now