Solved

Change SCL Number - Exchange 2010 SP3

Posted on 2014-02-24
7
780 Views
Last Modified: 2014-02-26
We are running SBS 2011 and are on Exchange 2010 SP3.  There are some internal emails going into the Junk folder in users Outlook 2010.  They show an SCL number of 9. The first is .wav files being forwarded from our Mitel 5000 phone system which is set up to relay off the Exchange server.  The second, also a relay, is from a program on our HyperV 2008 R2 standalone box.  Both are using internal email addresses, so they should be safe!  We've done the usual - not Junk in Outlook, but because of the SCL rating, that doesn't apply.  So, how does one change an SCL in Exchange when the email address is already in the accounts list?  

Thanks
0
Comment
Question by:normajm400
  • 4
  • 3
7 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
Comment Utility
The fact that they are using internal email addresses means nothing. That is what spammers do. The only way that an email would get through the spam filter without filtering is if it originated on Exchange, which in this case it does not.

Therefore you have two options.

1. Use a transport rule to assign emails from those two sources as SCL -1.

2. Configure a special receive connector for those services, which cannot be seen from the internet, then configure them with the extended right "ms-exch-bypass-anti-spam"

Get-ReceiveConnector "Internal Servers" | Add-ADPermission -User "NT Authority\Anonymous Logon" -AccessRights ExtendedRight -ExtendedRights ms-exch-bypass-anti-spam

Simon.
0
 

Author Comment

by:normajm400
Comment Utility
Thank you Simon for the quick reply.  Because we had the receive connectors set up for the two servers in order to relay, I used option 2.  Will give it an hour or so for the Exchange server to update, then give it a test.  Will post results...
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
Or just restart the transport service, the change is immediate then.

Simon.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:normajm400
Comment Utility
Restarted the transport service.  Unfortunately Option #2 didn't work.  Still getting SCL 9 on the messages.  Here's a copy of the email header:

Received: from MitelServer.xxxx.local (192.xxx.xxx.xxx) by
ExchServer.xxxx.local (192.xxx.xxx.xxx) with Microsoft SMTP Server
(TLS) id 14.3.123.3; Mon, 24 Feb 2014 13:15:57 -0600
Received: from root by Mitel5000.xxxxx.local with local (Exim 4.77)
                (envelope-from <service@mycompany.com>)             id 1WI10L-0003jl-9k         for
mgolbach@mycompany.com; Mon, 24 Feb 2014 13:15:54 -0600
From: <service@mycompany.com>
To: <mgolbach@mycompany.com>
Reply-To: <mitelvm@mycompany.com>
Subject: [0:12] Message for MB 582 from a caller at (715) 610-1111
Content-Type: multipart/mixed; boundary="NewPart"
MIME-Version: 1.0
Message-ID: <E1WI10L-0003jl-9k@MitelServer.xxx.local>
Date: Mon, 24 Feb 2014 13:15:53 -0600
Return-Path: service@mycompany.com
X-MS-Exchange-Organization-AuthSource: ExchServer.xxxx.local
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 10
X-AntiMalwareExchange-CommtouchRefID: str=0001.0A020205.530B58DD.0255,ss=3,sh,re=0.000,fgs=0
X-MS-Exchange-Organization-SCL: 9
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
Comment Utility
Are you sure it is going through the right connector?
As that should have worked.

Simon.
0
 

Author Comment

by:normajm400
Comment Utility
The ip address listed on the connector matches the IP address of the "Received from: MitelServer".  Not sure where else to look...
0
 

Author Closing Comment

by:normajm400
Comment Utility
Tried option 1 - create a transport rule.  That took care of it.  Those emails are now flowing into the users' inboxes.

Thank you!
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now