Saturday 24 January 2015

Install and configure the built-in antispam and antimalware protection in Exchange 2013

Install and configure antispam agents:

Anti-spam agents available on a Mailbox server:

Based on the default priority value of the anti-spam agent, and the SMTP event in the transport pipeline where the anti-spam agent is registered, the following list describes the agents and the default order in which they are applied to messages on a Mailbox server:

1. Content Filter agent
2. Sender ID agent
3. Sender Filter agent
4. Recipient Filter agent
5. Protocol Analysis agent for sender reputation


Anti-spam agents available on an Edge Transport server:

Based on the default priority value of the anti-spam agent, and the SMTP event in the transport pipeline where the anti-spam agent is registered, this is the default order in which the anti-spam agents are applied on an Edge Transport server:

1. ConnectionFiltering agent
2. SenderFilter agent
3. RecipientFilter agent
4. SenderID agent
5. ContentFilter agent
6. ProtocolAnalysis agent for sender reputation
7. AttachmentFiltering agent


Install antispam agents:

Run the Install-AntiSpamAgents.ps1 script in the Exchange Management Shell:
& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1

Restart the Microsoft Exchange Transport Service:
Restart-Service MSExchangeTransport

Specify the internal SMTP servers in the organisation:
Set-TransportConfig -InternalSMTPServers @{Add="<ip address1>","<ip address2>"...}


Configure antimalware policy:

• An antimalware policy is added by default.
• The available actions can only delete a message and/or its attachments; they cannot quarantine them, so false positives cannot be recovered and released.
• The filter seems to be concerned with attachments only, that is, it does not inspect the message body itself (e.g. for dangerous links and/or images).
• External senders probably should not be notified, as that would confirm that the email address is valid.
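
A read-only check of the install steps and the antimalware notification point above, as an added example that is not part of the original post. It assumes the Exchange Management Shell on a Mailbox server, and that the agent display names are the ones Get-TransportAgent reports after the install script has run.

```powershell
# Added example (not from the original post): read-only audit, changes nothing.
# Assumption: agent display names as reported by Get-TransportAgent on a Mailbox server.
$expectedAgents = 'Content Filter Agent', 'Sender Id Agent', 'Sender Filter Agent',
                  'Recipient Filter Agent', 'Protocol Analysis Agent'
$findings = @()

# 1. Each anti-spam agent must be registered and enabled after the transport restart.
$agents = @(Get-TransportAgent)
foreach ($name in $expectedAgents) {
    $agent = $agents | Where-Object { [string]$_.Identity -eq $name }
    if (-not $agent) {
        $findings += "Agent not installed: $name"
    }
    elseif (-not $agent.Enabled) {
        $findings += "Agent installed but disabled: $name"
    }
}

# 2. InternalSMTPServers must list the organisation's internal SMTP servers.
#    The Where-Object filter drops a $null value so an unset property counts as 0.
$internal = @((Get-TransportConfig).InternalSMTPServers | Where-Object { $_ })
if ($internal.Count -eq 0) {
    $findings += 'InternalSMTPServers is empty (Set-TransportConfig step not applied)'
}

# 3. Antimalware policies: show the delete action in force and flag any policy
#    that sends notifications to external senders.
foreach ($policy in @(Get-MalwareFilterPolicy)) {
    'Policy "{0}": Action={1}, IsDefault={2}' -f $policy.Name, $policy.Action, $policy.IsDefault
    if ($policy.EnableExternalSenderNotifications) {
        $findings += "Policy '$($policy.Name)' notifies external senders"
        # Remediation, to be run deliberately rather than by this audit:
        # Set-MalwareFilterPolicy -Identity $policy.Name -EnableExternalSenderNotifications $false
    }
}

# Report.
if ($findings.Count -eq 0) {
    'No findings: agents enabled, internal SMTP servers set, no external sender notifications.'
}
else {
    $findings | ForEach-Object { "FINDING: $_" }
}
```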


Third party solutions:

A third-party solution, such as a Cisco IronPort appliance or the software-based GFI MailEssentials running on a Windows server with the SMTP service installed and acting as an SMTP gateway, may be more secure (multiple AV scan engines from different vendors) and more manageable (more options for granular configuration and easier management).
