Spam Prevention
Task
If you are running Exchange server in your organisation, there are a few steps you can take to help secure your server, and also to prevent spam.
Note1: This article applies to Exchange Server 2003
Explanation
First of all, make sure you have Service Pack 2 for Exchange – it is available here.
Note2: Before installing SP2, make sure you read the release notes, as there are updates that must be installed prior to installing SP2.
Note3: Before installing Exchange SP2, do a full backup of the system (I usually back up the system state and the Exchange information store – these need to be done separately or they will not restore properly).
Once the installation is complete, go to Exchange System Manager, expand Global Settings, right-click on Message Delivery and select Properties.
We can now configure several tabs, (whilst carrying out this process, ignore any error messages – we will deal with them later):
Sender Filtering:
Tick filter messages with blank sender.
Connection filtering:
In here we can specify blacklists to check when receiving email.
To do this, click on Add, type any name for Display Name, and type the following for DNS Suffix/provider:
dnsbl.njabl.org
cbl.abuseat.org
bl.spamcop.net
sbl.spamhaus.org
relays.ordb.org – DO NOT USE
ordb.org – DO NOT USE
You can also add a custom error message like the one below (the percentage signs followed by numbers will input domain-specific information, such as the IP address, when the error message is sent):
Your IP Address (%0) has been blocked by our Spam Server (%2). If you are trying to send a genuine email and you think you have been blocked unjustly, send an email to “Email” with: “identifier” in the subject line.
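Before adding a provider under Connection filtering, it is worth confirming that its zone still answers correctly. The Python sketch below is an added example, not part of the original article: it builds the reversed-octet lookup name a DNS blacklist expects and classifies a provider using the RFC 5782 test entries (127.0.0.2 must be listed, 127.0.0.1 must not). The `*.example` zones and the stub resolver are constructed so the example runs offline.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, suffix):
    """Reverse the IPv4 octets and append the provider's DNS suffix."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + suffix.strip(".")

def system_resolver(name):
    """Return the A record as a string, or None on NXDOMAIN or lookup failure."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def is_listed(ip, suffix, resolve=system_resolver):
    """A blacklist lists an address by answering with a 127.0.0.0/8 A record."""
    answer = resolve(dnsbl_query_name(ip, suffix))
    return answer is not None and answer.startswith("127.")

def provider_status(suffix, resolve=system_resolver):
    """Classify a provider using the RFC 5782 test entries."""
    test_listed = is_listed("127.0.0.2", suffix, resolve)      # must be listed
    loopback_listed = is_listed("127.0.0.1", suffix, resolve)  # must not be
    if loopback_listed:
        return "lists-everything"   # the filter would reject all inbound mail
    if test_listed:
        return "ok"
    return "not-answering"          # the filter would silently pass everything

def stub_resolver(name):
    """Constructed answers for three hypothetical zones (not real providers)."""
    if name.endswith(".good.example"):
        return "127.0.0.2" if name.startswith("2.0.0.127.") else None
    if name.endswith(".wild.example"):
        return "127.0.0.2"          # wildcard zone: answers for every name
    return None                     # dead zone: nothing resolves

if __name__ == "__main__":
    for zone in ("good.example", "wild.example", "dead.example"):
        print(zone, provider_status(zone, stub_resolver))
```

Calling `provider_status` with only a DNS suffix uses the system resolver, so it can be run from the mail server's network against each suffix before the rule is added.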
Recipient Filtering:
Make sure “filter recipients who are not in the Directory” is ticked – this will prevent the server receiving emails that have been sent to random recipients at your domain.com.
Intelligent Message Filtering:
IMF will check all messages that arrive using a predetermined spam detection algorithm. These settings denote how strict the checks will be – 9 being least strict, and 1 being most strict.
I normally use a setting of between 4-5 for blocking messages, and 3-4 for sending messages to the user's spam email folder.
I also choose “no action” when blocking messages – you can set this to archive, and then you can get a reader to inspect all messages that have been caught by the spam filter – the only problem with this is that these archived messages take up a lot of space.
I will go into more depth on IMF at some point.
Sender ID Filtering:
Select “Reject (The message will not be accepted)”.
Enabling these features:
To enable all of these features, go back to Exchange System Manager, expand Servers, then expand your server, then Protocols, then SMTP, then right-click Default SMTP server and select Properties.
Click on Advanced, then Edit, then tick all the filters we have set up. Now restart the SMTP service and we are ready to go.