• Home
  • Topics
    • Office 365
    • Teams
    • SharePoint Online
    • Exchange 2019
    • Exchange 2016
    • Exchange 2013
    • Hybrid
    • Certificates
    • PowerShell
    • Migration
    • Security
    • Azure
  • Blog
  • Podcast
  • Webinars
  • Books
  • About
  • Videos
    • Interview Videos
    • How To Guide Videos
  • Subscribe
    • Facebook
    • Twitter
    • RSS
    • YouTube

Practical 365

You are here: Home / Exchange Server / Exchange 2010 Edge Transport Server: Configuring IP Block List Providers

Exchange 2010 Edge Transport Server: Configuring IP Block List Providers

May 14, 2011 by Paul Cunningham 18 Comments

The Exchange Server 2010 Edge Transport server role is automatically enabled for the built-in anti-spam features when it is installed. However some of the features require configuration before they can begin blocking spam.

The IP Block List Providers anti-spam feature is one example. It is enabled by default, but no block list providers are included in the configuration.

IP block list providers are an effective way to block the majority of spam, because they maintain comprehensive databases of IP addresses on the internet that are known and suspected spam sources. This allows an Exchange server to determine whether or not to block an incoming email during the initial stages of the SMTP connection, based on the IP address of the sending host.

Blocking spam at such an early stage of the communication sequence uses less bandwidth and processor resources than email content filtering, because the full email message is never transmitted to the Exchange server.

One of the best IP block list providers is Spamhaus. You can configure an Edge Transport server to use Spamhaus as an IP block list provider by following these steps.

Log on to your Edge Transport server and launch the Exchange Management Console. In the Anti-spam tab right-click IP Block List Providers and select Properties.

Exchange 2010 Edge Transport Server: Configuring IP Block List Providers

Select the Providers tab and then click Add.

Exchange 2010 Edge Transport Server: Configuring IP Block List Providers

Enter the Provider Name of Spamhaus and the Lookup Domain of zen.spamhaus.org.

Exchange 2010 Edge Transport Server: Configuring IP Block List Providers

Click OK and OK again to apply the change.

The Edge Transport server will now lookup the IP address of connecting hosts to determine whether or not to accept mail from them.

Exchange Server Anti-Spam, Edge Transport, Exchange 2010, Spamhaus

Comments

  1. Mirza says

    December 22, 2015 at 10:21 pm

    Can Spamhaus (SBL) and FEP 2010 for Microsoft Exchange both configured on Edge Server at same time?.If yes then how they both work together.

    Reply
  2. Faz says

    June 3, 2014 at 3:07 pm

    Any suggestions for IP white list providers to be used with Exchange 2010, my customer is a large supermarket chain with over 200 mailboxes and I find them being blacklisted quite often.

    Reply
    • Paul Cunningham says

      June 3, 2014 at 8:32 pm

      That isn’t how whitelist providers work.

      If your customer is getting blacklisted they need to stop their bad sending behaviour.

      Reply
      • Faz says

        June 3, 2014 at 8:54 pm

        Thanks Paul

        We have a Fortigate appliance which does UTM as well, I guess we will log a call with them

        Reply
      • Julio Baptista says

        November 9, 2021 at 5:48 am

        Hi,
        My case is we cannot send email to the a domain but we can received emails from their domain.
        How i can check if there is blocked in EDGE server ?

        Reply
  3. Jirik Haselgrove says

    December 22, 2011 at 2:22 am

    Hi Paul,

    Just pondering whether it is possible to set a condition or process up that automatically removes values from a block list a certain time after creating, either through automatically settiong an expiry value, or through automatic deletion.

    Cheers,

    Jirik

    Reply
  4. Franco says

    November 9, 2011 at 12:01 am

    Hi Paul,
    After the configuration of Spamhaus on our Edge Server, all incoming mail traffic was blocked and all the senders received an undeliverable message from our server…

    Franco

    Reply
    • Paul Cunningham says

      November 9, 2011 at 12:58 pm

      Hi Franco, does your Edge server receive mail directly from the internet or does it first go via another MTA?

      Reply
    • Paul Cunningham says

      November 9, 2011 at 1:13 pm

      Franco, just spotted this item on the SpamHaus website. If you’re located in that region of the Europe is it possible this is why you saw incoming mail getting blocked?

      http://www.spamhaus.org/news.lasso?article=673

      Reply
      • Franco says

        November 9, 2011 at 5:09 pm

        Uh Uh… I wrote the wrong Address: spamhouse.org … (shame on me!). Sorry. Now is all right, it works fine…

        Reply
      • Paul Cunningham says

        November 9, 2011 at 8:53 pm

        I’m glad it turned out to be something simple like that šŸ™‚

        Reply
  5. Bill Driver says

    August 8, 2011 at 6:33 am

    Is there a cost associated with using Spamhaus in this configuration?

    Reply
    • Paul Cunningham says

      August 8, 2011 at 7:40 pm

      Bill, you should check the Spamhaus usage terms on their site to work out if you quality for free use.

      Reply
  6. Allen White says

    June 28, 2011 at 11:35 pm

    would you recommend always putting this on the edge server or is it just as fine on the cas and hib server etc as seen here

    Reply
    • Paul Cunningham says

      June 29, 2011 at 7:12 am

      It can go on either, whichever one is receiving internet mail for your org. If you’re putting it on a Hub Transport you’ll need to install the antispam agents first using the script Microsoft supplies.

      Reply

Leave a Reply Cancel reply

You have to agree to the comment policy.

Recent Articles

  • Microsoft Launches Group Ownership Governance Policy
  • Making the Case for Identity GovernanceĀ in Azure Active Directory
  • Prepare an Office 365 migration plan assessment using PowerShell
  • Microsoft Releases May 2022 Exchange Server Security Updates
  • New Future of Work for Microsoft 365, IOT and more: Practical 365 Podcast S3 Ep. 2

Copyright © 2022 Quadrotech Solutions AG · Disclosure · Privacy Policy
Alpenstrasse 15, 6304 Zug, Switzerland