Jan 22, 2015

Microsoft Exchange Server 2013 - Anti-Spam and Anti-Malware

1. Overview
If the default installation options of Exchange 2013 are selected:
  • Anti-spam filtering is NOT enabled by default
  • Anti-malware filtering is enabled by default
2. Basic with Anti-Spam
  • Open Exchange PowerShell
    • cd ExchangeInstallpath\Scripts\
    • .\Install-AntiSpamAgents.ps1

  •  Add IP addresses on all Exchange Servers
    • Set-TransportConfig -InternalSMTPServers a.b.c.d
  • Check
    • Get-TransportConfig | Format-List InternalSMTPServers
  • Restart Microsoft Exchange Transport Service
    • Restart-Service MSExchangeTransport 
  • Check before config
    • get-ContentFilterConfig
  •  Config example

    • Add-IPBlockListProvider -name zen.spamhaus.org -lookupdomain zen.spamhaus.org
      • ... change  zen.spamhaus.org to other depend your config, can add more config
    • Set-SenderIDConfig -SpoofedDomainAction Delete
    • Set-SenderReputationConfig -SenderBlockingEnabled $true -SrlBlockThreshold 6 -SenderBlockingPeriod 36
    • Set-SenderFilterConfig -BlankSenderBlockingEnabled $true
    • Set-ContentFilterConfig -SCLQuarantineThreshold "number"
    • Set-ContentFilterConfig -SCLDeleteEnabled $true
    • Set-ContentFilterConfig -SCLRejectEnabled $false
    • Add-IPAllowListProvider -name swl.spamhaus.org -lookupdomain swl.spamhaus.org
    • Set-ContentFilterConfig -BypassedSenders user@domain.com
    • Set-ContentFilterConfig -BypassedSenderDomains domain.com
      • ...for multi domain Set-ContentFilterConfig -BypassedSenderDomains domaina.com domainb.com
  • Enable logging
    • Set-TransportService *SERVERNAME* -AgentLogEnabled $true -AgentLogPath “D:\Anti-spam-logging-folder” -AgentLogMaxFileSize 500MB -AgentLogMaxDirectorySize 5000MB -AgentLogMaxAge 24.00:00:00
3. Basic with Anti-Spam
  • Open Exchange PowerShell
    • cd ExchangeInstallpath\Scripts\ 
      • \Enable-AntiMalwareScanning.ps1    for enable
      • .\Disable-AntiMalwareScanning.ps1  for disable
    • Restart-Service MSExchangeTransport "after config" 
  • Config 
    • Set-MalwareFilteringServer <Server_Name> -BypassFiltering $True
    • Get-MalwareFilteringServer | Select BypassFiltering
4. Documents

Exchange Server 2013 Tips & Tricks

What’s New in Exchange

Microsoft Exchange Server 2013 Migration Experiences from the Field

Monitoring and Tuning Microsoft Exchange Server 2013 Performance

Building a Hybrid Exchange Server 2013 Deployment in Less than 75 Minutes
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)