Exchange 2007 Content FIlter: The Whitelist Is Here!
Posted by Bharat Suneja at 9:25 AM
Messaging Hygiene features in Exchange Server 2003, including the Intelligent Message Filter, did not have a way to whitelist sending domains or SMTP addresses. This is a follow up to a previous post, and one of the more popular ones on this blog - titled "IMF: Where's the whitelist?". ("IMF and whitelist" has for long been one of the most common search terms on this blog - Bharat).
Whitelists are common in most 3rd-party anti-spam tools. Adding domains or SMTP addresses of important senders like customers, vendors, or your CEO's home email address (almost always an AOL address... :) for instance, ensures messages from these domains or addresses do not get filtered by the anti-spam filter.
The Content Filter agent in Exchange Server 2007 does have whitelists.
Sender SMTP addresses can be whitelisted using the following shell command:
set-contentfilterconfig -BypassedSenders This email address is being protected from spambots. You need JavaScript enabled to view it.
To whitelist an entire sending domain:
set-contentfilterconfig -BypassedSenderDomains somedomain.com
Before you start using whitelists, be aware of the downside:
- SMTP headers can be spoofed easily.
- Maintaining whitelists, just as maintaining blacklists, is a manual process that imposes its own management costs.
- Checking every inbound message against a list of whitelisted recipients imposes a performance penalty - miniscule as it may be.
Nevertheless, many IMF users have repeatedly demanded this functionality and it's great to finally have it in what some folks call IMF v3.0.
The Content Filter can also be configured with an exception list - to not apply the filter to inbound messages for particular recipients. This can be done from the console by going to Hub Transport | Anti-spam tab | Content Filtering -> properties | Exceptions. This list is limited to a 100 recipients - you can add generic recipients that you want to exempt from the Content Filter, e.g. This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it., et al.
To do this from the shell:
set-contentfilterconfig -BypassedRecipients This email address is being protected from spambots. You need JavaScript enabled to view it.,This email address is being protected from spambots. You need JavaScript enabled to view it.