Solved

Is it possible to set SCL using an RBL in Exchange 2010?

Posted on 2014-09-03
3
262 Views
Last Modified: 2014-09-18
I have been seeing an increased amount of spam come through my Edge server. I currently utilize IP Block List/RBLs, content filtering and sender filtering to reject/redirect suspected spam messages. I would like to enable a few more IP Block Lists because they are the most effective at finding spammers in my opinion.

When I have done this in the past I would notice a significant decrease in spam but our email server would bounce some legitimate messages. When this happens the user at the other organization would have to reach out to me in order to have their mail server's IP added to our IP Allow List. This takes some time because often I need to get in touch with their IT staff in order to get the information I need (If a WhoIs doesn't provide it for me).

I would like to be able to use an RBL subscription to set the SCL value of a message when it arrives. This way rather than bouncing the message, it will just be redirected to the spam/quarantine box (Which is checked and cleared daily).

Is there anyway I can use an RBL to set the SCL?
I am comfortable with the Exchange Shell (EMS) in Exchange 2010 if it is necessary to use it.
0
Comment
Question by:kpurchase
  • 2
3 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40301450
Cannot be done with Exchange natively. You would need to use a third party tool to do that for you - perhaps tag the messages, then use a transport rule to set the SCL value.

Although you have pointed out the number one reason not to use blacklists. They reject too much legitimate email. They are not a set and forget solution and that is the main reason I don't use them.

Simon.
0
 

Author Comment

by:kpurchase
ID: 40301457
Hi Simon,

Thanks for your fast response.
Could you suggest a third party tool to tag the messages using a blacklist, I'm not opposed to a transport rule sending them to spam.

Thanks.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40301506
You should probably check with your AV vendor to begin with.
My usual tool of choice is Vamsoft ORF. I have been using that for years.
I do actually do blacklisting with that tool, but I don't use a public blacklist. Instead it builds its own based on previous behaviour trying to send to my server.

Simon.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question