Do i need to restart the Exchange services after tweaking anti-spam rules or installing spam filter updates through windows update or does it automatically take effect?

Posted on 2014-10-30
Last Modified: 2014-11-10
I am running Exchange 2010 on a Windows 2008 R2 base server.

We have been getting a ton of spam from spoofed email domains and i enabled Sender ID filtering to prevent this but after i hit apply i still got some spoofed email a few minutes later and was wondering if i needed to restart the exchange services.
Question by:Blake Weaver
  • 3
  • 2

Expert Comment

ID: 40413892
They should take effect after you apply them. There should be no reason you'd have to restart any services.

Assisted Solution

by:Asif Bacchus
Asif Bacchus earned 500 total points
ID: 40414094
I usually like to restart the Transport Service, just to make sure things 'stick'.  This is a quick and easy service to restart, so you won't really have any downtime, etc.

As a side-note, double-check to make sure you enable Recipient Filtering and check the box "Block messages set to recipients that do not exist in the directory" in the "Blocked Recipients" tab.  This on it's own usually cuts your SPAM down dramatically.

Author Comment

by:Blake Weaver
ID: 40414234
Thanks Asifbaccus.  Yes i already have the checkbox checked(block messages set to recipients that do not exist in the directory) but i have still been getting spam from internal addresses which i cant understand.
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.


Accepted Solution

Asif Bacchus earned 500 total points
ID: 40414256
Are you sure these emails are not actually originating from within your network?  Have you checked the headers on one of them to make sure?  Many trojans and malware infections setup a little mailserver on clients and then SPAM internally.  That way they get around Exchange SPAM checks.

If you have a firewall capable of monitoring and controlling outgoing connections, I usually setup a rule to prevent any source IP address from sending via port 25 except the Exchange server to avoid such problems.

Otherwise, you're right, SenderID may help you out.

Author Comment

by:Blake Weaver
ID: 40432815
The second comment was a great thought but as soon as i implemented an external third party spam filter it caught all the spoofed address emails.

Expert Comment

by:Asif Bacchus
ID: 40434024
Glad you got it all sorted out... SPAM is such a pain! Cheers.

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to:…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question