Solved

Is it possible to set SCL using an RBL in Exchange 2010?

Posted on 2014-09-03
3
258 Views
Last Modified: 2014-09-18
I have been seeing an increased amount of spam come through my Edge server. I currently utilize IP Block List/RBLs, content filtering and sender filtering to reject/redirect suspected spam messages. I would like to enable a few more IP Block Lists because they are the most effective at finding spammers in my opinion.

When I have done this in the past I would notice a significant decrease in spam but our email server would bounce some legitimate messages. When this happens the user at the other organization would have to reach out to me in order to have their mail server's IP added to our IP Allow List. This takes some time because often I need to get in touch with their IT staff in order to get the information I need (If a WhoIs doesn't provide it for me).

I would like to be able to use an RBL subscription to set the SCL value of a message when it arrives. This way rather than bouncing the message, it will just be redirected to the spam/quarantine box (Which is checked and cleared daily).

Is there anyway I can use an RBL to set the SCL?
I am comfortable with the Exchange Shell (EMS) in Exchange 2010 if it is necessary to use it.
0
Comment
Question by:kpurchase
  • 2
3 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 40301450
Cannot be done with Exchange natively. You would need to use a third party tool to do that for you - perhaps tag the messages, then use a transport rule to set the SCL value.

Although you have pointed out the number one reason not to use blacklists. They reject too much legitimate email. They are not a set and forget solution and that is the main reason I don't use them.

Simon.
0
 

Author Comment

by:kpurchase
ID: 40301457
Hi Simon,

Thanks for your fast response.
Could you suggest a third party tool to tag the messages using a blacklist, I'm not opposed to a transport rule sending them to spam.

Thanks.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40301506
You should probably check with your AV vendor to begin with.
My usual tool of choice is Vamsoft ORF. I have been using that for years.
I do actually do blacklisting with that tool, but I don't use a public blacklist. Instead it builds its own based on previous behaviour trying to send to my server.

Simon.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now