kpurchase
asked on
Is it possible to set SCL using an RBL in Exchange 2010?
I have been seeing an increased amount of spam come through my Edge server. I currently utilize IP Block List/RBLs, content filtering and sender filtering to reject/redirect suspected spam messages. I would like to enable a few more IP Block Lists because they are the most effective at finding spammers in my opinion.
When I have done this in the past I would notice a significant decrease in spam but our email server would bounce some legitimate messages. When this happens the user at the other organization would have to reach out to me in order to have their mail server's IP added to our IP Allow List. This takes some time because often I need to get in touch with their IT staff in order to get the information I need (If a WhoIs doesn't provide it for me).
I would like to be able to use an RBL subscription to set the SCL value of a message when it arrives. This way rather than bouncing the message, it will just be redirected to the spam/quarantine box (Which is checked and cleared daily).
Is there anyway I can use an RBL to set the SCL?
I am comfortable with the Exchange Shell (EMS) in Exchange 2010 if it is necessary to use it.
When I have done this in the past I would notice a significant decrease in spam but our email server would bounce some legitimate messages. When this happens the user at the other organization would have to reach out to me in order to have their mail server's IP added to our IP Allow List. This takes some time because often I need to get in touch with their IT staff in order to get the information I need (If a WhoIs doesn't provide it for me).
I would like to be able to use an RBL subscription to set the SCL value of a message when it arrives. This way rather than bouncing the message, it will just be redirected to the spam/quarantine box (Which is checked and cleared daily).
Is there anyway I can use an RBL to set the SCL?
I am comfortable with the Exchange Shell (EMS) in Exchange 2010 if it is necessary to use it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You should probably check with your AV vendor to begin with.
My usual tool of choice is Vamsoft ORF. I have been using that for years.
I do actually do blacklisting with that tool, but I don't use a public blacklist. Instead it builds its own based on previous behaviour trying to send to my server.
Simon.
My usual tool of choice is Vamsoft ORF. I have been using that for years.
I do actually do blacklisting with that tool, but I don't use a public blacklist. Instead it builds its own based on previous behaviour trying to send to my server.
Simon.
ASKER
Thanks for your fast response.
Could you suggest a third party tool to tag the messages using a blacklist, I'm not opposed to a transport rule sending them to spam.
Thanks.