Do i need to restart the Exchange services after tweaking anti-spam rules or installing spam filter updates through windows update or does it automatically take effect?

Posted on 2014-10-30
Last Modified: 2014-11-10
I am running Exchange 2010 on a Windows 2008 R2 base server.

We have been getting a ton of spam from spoofed email domains and i enabled Sender ID filtering to prevent this but after i hit apply i still got some spoofed email a few minutes later and was wondering if i needed to restart the exchange services.
Question by:Blake Weaver
  • 3
  • 2

Expert Comment

ID: 40413892
They should take effect after you apply them. There should be no reason you'd have to restart any services.

Assisted Solution

by:Asif Bacchus
Asif Bacchus earned 500 total points
ID: 40414094
I usually like to restart the Transport Service, just to make sure things 'stick'.  This is a quick and easy service to restart, so you won't really have any downtime, etc.

As a side-note, double-check to make sure you enable Recipient Filtering and check the box "Block messages set to recipients that do not exist in the directory" in the "Blocked Recipients" tab.  This on it's own usually cuts your SPAM down dramatically.

Author Comment

by:Blake Weaver
ID: 40414234
Thanks Asifbaccus.  Yes i already have the checkbox checked(block messages set to recipients that do not exist in the directory) but i have still been getting spam from internal addresses which i cant understand.
Are your end users making ugly email signatures?

Have you left it up to your end users to create their own email signatures? Are they forgetting to add the company logo or using garish font colors? Take control and ensure all users have the same email signature.


Accepted Solution

Asif Bacchus earned 500 total points
ID: 40414256
Are you sure these emails are not actually originating from within your network?  Have you checked the headers on one of them to make sure?  Many trojans and malware infections setup a little mailserver on clients and then SPAM internally.  That way they get around Exchange SPAM checks.

If you have a firewall capable of monitoring and controlling outgoing connections, I usually setup a rule to prevent any source IP address from sending via port 25 except the Exchange server to avoid such problems.

Otherwise, you're right, SenderID may help you out.

Author Comment

by:Blake Weaver
ID: 40432815
The second comment was a great thought but as soon as i implemented an external third party spam filter it caught all the spoofed address emails.

Expert Comment

by:Asif Bacchus
ID: 40434024
Glad you got it all sorted out... SPAM is such a pain! Cheers.

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now