At the office we have a combination Anti-Virus and Anti-Spam system, (Sophos Endpoint Security and Control) so historically this hasn’t been an issue, but I do run a test server for testing out various upgrades, tweaks etc, and yes, a mailserver is also installed.
It’s during the latest batch of spam that I decided to try to fight back….
First off I installed the Anti-Spam extensions, this can be done from the Exchange console;
CD “C:\program files\microsoft\exchange server\scripts”
./install-AntispamAgents.ps1
This will add a tab within the Organisation Configuration > Hub Transport panel called Anti-Spam
Next step would be to automate the Anti-Spam updates;
Enable-AntispamUpdates -SpamSignatureUpdatesEnabled $true -UpdateMode Automatic
You can check if the updates are running by running the following command
get-antispamupdates
Once all of these settings have been configured the next step is to configure a quarantine mailbox, create a new mailbox and run the following command
Set-ContentFilterConfig-QuarantineMailbox mailbox@domain.com
The various parts of the Anti-Spam add-in can now be configured, in so doing you will become acquainted with the SCL score of individual emails, a helpful little tweak is to have Outlook display the SCL score of emails.
Create a file in the office folder that contains the .ICO files, (in Office 2010 the file location is C:\Program Files\Microsoft Office\Office14\FORMS\1033) called SCL.CFG and paste in the following;
[Description]
MessageClass=IPM.Note
CLSID={00020D31-0000-0000-C000-000000000046}
DisplayName=SCL Extension Form
Category=Standard
Subcategory=Form
Comment=This forms allows the SCL to be viewed as a column
LargeIcon=IPML.ico
SmallIcon=IPMS.ico
Version=1.0
Locale=enu
Hidden=1
Owner=Microsoft Corporation
Contact=Your Name
[Platforms]
Platform1=Win16
Platform2=NTx86
Platform9=Win95
[Platform.Win16]
CPU=ix86
OSVersion=Win3.1
[Platform.NTx86]
CPU=ix86
OSVersion=WinNT3.5
[Platform.Win95]
CPU=ix86
OSVersion=Win95
[Properties]
Property01=SCL
[Property.SCL]
Type=3
NmidInteger=0x4076
DisplayName=SCL
[Verbs]
Verb1=1
[Verb.1]
DisplayName=&Open
Code=0
Flags=0
Attribs=2
[Extensions]
Extensions1=1
[Extension.1]
Type=30
NmidPropset={00020D0C-0000-0000-C000-000000000046}
NmidInteger=1
Value=1000000000000000
And save the file. From Outlook, File Tab, Click Options, Advanced, Custom Forms, Manage Forms, Install, find SCL.CFG and open it. Click Ok to install the form, Click Close, Ok and Ok.
From your Inbox, right-click the column headings and select Field Chooser, Open drop down list and select Forms…, select SCL Extension Form and Add. You should now have SCL Extension Form in the drop down, select it and drag/drop SCL to the Inbox column heading.
This should give an extra column with the SCL value on which you can use to work out what level to set some of your Anti-Spam settings with.
I will cover SCL settings in a later post.
http://www.infoworld.com/d/windows/fighting-spam-exchange-2007-531