The Exchange Server 2010 Edge Transport server role is automatically enabled for the built-in anti-spam features when it is installed. However some of the features require configuration before they can begin blocking spam.
The IP Block List Providers anti-spam feature is one example. It is enabled by default, but no block list providers are included in the configuration.
IP block list providers are an effective way to block the majority of spam, because they maintain comprehensive databases of IP addresses on the internet that are known and suspected spam sources. This allows an Exchange server to determine whether or not to block an incoming email during the initial stages of the SMTP connection, based on the IP address of the sending host.
Blocking spam at such an early stage of the communication sequence uses less bandwidth and processor resources than email content filtering, because the full email message is never transmitted to the Exchange server.
One of the best IP block list providers is Spamhaus. You can configure an Edge Transport server to use Spamhaus as an IP block list provider by following these steps.
Log on to your Edge Transport server and launch the Exchange Management Console. In the Anti-spam tab right-click IP Block List Providers and select Properties.
Select the Providers tab and then click Add.
Enter the Provider Name of Spamhaus and the Lookup Domain of zen.spamhaus.org.
Click OK and OK again to apply the change.
The Edge Transport server will now lookup the IP address of connecting hosts to determine whether or not to accept mail from them.
About Paul Cunningham
would you recommend always putting this on the edge server or is it just as fine on the cas and hib server etc as seen here
It can go on either, whichever one is receiving internet mail for your org. If you’re putting it on a Hub Transport you’ll need to install the antispam agents first using the script Microsoft supplies.
Is there a cost associated with using Spamhaus in this configuration?
Bill, you should check the Spamhaus usage terms on their site to work out if you quality for free use.
Hi Paul,
After the configuration of Spamhaus on our Edge Server, all incoming mail traffic was blocked and all the senders received an undeliverable message from our server…
Franco
Hi Franco, does your Edge server receive mail directly from the internet or does it first go via another MTA?
Franco, just spotted this item on the SpamHaus website. If you’re located in that region of the Europe is it possible this is why you saw incoming mail getting blocked?
http://www.spamhaus.org/news.lasso?article=673
Uh Uh… I wrote the wrong Address: spamhouse.org … (shame on me!). Sorry. Now is all right, it works fine…
I’m glad it turned out to be something simple like that
Hi Paul,
Just pondering whether it is possible to set a condition or process up that automatically removes values from a block list a certain time after creating, either through automatically settiong an expiry value, or through automatic deletion.
Cheers,
Jirik