troubleshooting Question

Exchange IP Block List Logging - Identify blocked senders?

Avatar of Jer
JerFlag for United States of America asked on
ExchangeAntiSpamEmail Servers
3 Comments1 Solution245 ViewsLast Modified:
I had this question after viewing Exchange 2010 Log Spam E-mail.

Greetings,

As part of my spam protection effort, I utilize Exchange Anti-Spam.  As I get spam email, I identify the sending server IP (aaa.bbb.ccc.ddd) and then go into IP Block List and add aaa.bbb.ccc.0/24.  For the most part, this works fine.  However, on occasion, we're having legitimate senders being blocked due to their sending server being part of the aaa.bbb.ccc.0/24 network.  If I go into the agent log, I get:

2016-03-23T15:13:08.32TG445,xxx.xxx.xxx.xxx:25,54.ccc.bbb.aaa:50443,54.ccc.bbb.aaa,,01000153a40952d0-322376de-9565-f572c6-000000@domain.com,,,0,Connection Filtering Agent,OnMailCommand,RejectCommand,550 5.7.1 External client with IP address aaa.bbb.ccc.54 does not have permissions to submit to this server.,LocalBlockList,entry created by administrator,

Unfortunately, this is not very useful in identifying who the sender is.  Is there a way to configure the IP Block to state the sender?  Basically, I need a way to tell sender@email.com to send me an email and I can look at a log and see that sender@email.com was rejected.  They often get NDRs that just say the sending server gave up after so many tries.

Any assistance would be great.

Thanks,

Jeremy
ASKER CERTIFIED SOLUTION
David Johnson, CD
The More I know, the more I don't know
Log in to continue reading
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform for $9.99/mo
View membership options
Unlock 1 Answer and 3 Comments.
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
The Value of Experts Exchange in My Daily IT Life

Experts Exchange (EE) has become my company's go-to resource to get answers. I've used EE to make decisions, solve problems and even save customers. OutagesIO has been a challenging project and... Keep reading >>

Mike

Owner of Outages.IO
Phoenix, Arizona, United States
Member Since 2016
Join a full scale community that combines the best parts of other tools into one platform.
Unlock 1 Answer and 3 Comments.
View membership options
“All of life is about relationships, and EE has made a virtual community a real community. It lifts everyone's boat.”
William Peck

Member since 2004