Microsoft Exchange Server

установка настройка администрирование

Microsoft Exchange server. Статьи Exchange 2010

Exchange анти-спам. Миф развеян. - Myth 5: Putting a server IP on the InternalSMTPServers list of the TransportConfig object AND IP Allow List is a good idea

 

Myth 5: Putting a server IP on the InternalSMTPServers list of the TransportConfig object AND IP Allow List is a good idea.

A bit of background before we tell you it's a bad idea (just a bit I promise).

Putting an IP on the IP allow list via Exchange Management Console or Add-IPAllowListEntry cmdlet allows any connection coming from that IP to bypass all anti-spam filtering except sender/recipient filter. It gives any message a SCl of -1 that originates from that IP.

The internal servers list is a list of IPs in your perimeter that you wish to bypass SenderID/IP BlockList provider/IP block list agents. It is NOT intended to bypass all AS filtering. InternalSMTPServers will cause the anti-spam analysis to be performed against the "Received" headers rather than the incoming protocol. In the case of a relay between the Internet and your first Exchange hop, this will prevent Exchange from seeing all email (spam and legitimate) as coming from the same source and blocking that source.

As you can see, these features are not the same. So, putting a server IP in both lists will not give you results. One of these is that we will still stamp an SCL rating on the message and not give the expected "-1" for a server on the allow list.

Below is a comparison of the anti-spam headers on a message of a server on the allow list and a message from a server on both:

Figure 1 above - Headers when only on IP Allow List

Figure 2 Header when on both IP Allow and InternalSMTPServers lists

As can be seen the results are completely different. For a great over view of the InternalSMTPServers attribute (as well as other aspects of the Anti-Spam agents) please take a look at this great post here: http://msexchangeteam.com/archive/2008/06/23/449070.aspx

Finally we arrive at our last myth.

 

Вы здесь: Главная Exchange 2010 Exchange анти-спам. Миф развеян.
Яндекс.Метрика