Solved

Do i need to restart the Exchange services after tweaking anti-spam rules or installing spam filter updates through windows update or does it automatically take effect?

Posted on 2014-10-30
6
259 Views
Last Modified: 2014-11-10
I am running Exchange 2010 on a Windows 2008 R2 base server.

We have been getting a ton of spam from spoofed email domains and i enabled Sender ID filtering to prevent this but after i hit apply i still got some spoofed email a few minutes later and was wondering if i needed to restart the exchange services.
0
Comment
Question by:Blake Weaver
  • 3
  • 2
6 Comments
 
LVL 8

Expert Comment

by:tshearon
ID: 40413892
They should take effect after you apply them. There should be no reason you'd have to restart any services.
0
 
LVL 6

Assisted Solution

by:Asif Bacchus
Asif Bacchus earned 500 total points
ID: 40414094
I usually like to restart the Transport Service, just to make sure things 'stick'.  This is a quick and easy service to restart, so you won't really have any downtime, etc.

As a side-note, double-check to make sure you enable Recipient Filtering and check the box "Block messages set to recipients that do not exist in the directory" in the "Blocked Recipients" tab.  This on it's own usually cuts your SPAM down dramatically.
0
 

Author Comment

by:Blake Weaver
ID: 40414234
Thanks Asifbaccus.  Yes i already have the checkbox checked(block messages set to recipients that do not exist in the directory) but i have still been getting spam from internal addresses which i cant understand.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 6

Accepted Solution

by:
Asif Bacchus earned 500 total points
ID: 40414256
Are you sure these emails are not actually originating from within your network?  Have you checked the headers on one of them to make sure?  Many trojans and malware infections setup a little mailserver on clients and then SPAM internally.  That way they get around Exchange SPAM checks.

If you have a firewall capable of monitoring and controlling outgoing connections, I usually setup a rule to prevent any source IP address from sending via port 25 except the Exchange server to avoid such problems.

Otherwise, you're right, SenderID may help you out.
0
 

Author Comment

by:Blake Weaver
ID: 40432815
The second comment was a great thought but as soon as i implemented an external third party spam filter it caught all the spoofed address emails.
0
 
LVL 6

Expert Comment

by:Asif Bacchus
ID: 40434024
Glad you got it all sorted out... SPAM is such a pain! Cheers.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now