One easy way to make a huge dent in the amount of spam your Exchange organization receives is to configure the IP Block List Providers anti-spam agent. This component checks senders against known databases of spammers, infected computers and open relays. Also known as real-time block lists (RBL), they are provided by a number of non-profit and for profit companies. From my experience I like using the free block lists provided by:
- SpamHaus - zen.spamhaus.org
- SpamCop - bl.spamcop.net
- Surriel - psbl.surriel.com
- SORBS - dnsbl.sorbs.net
Adding the IP Block List provider to Exchange is very simple, just open up the Exchange Management Shell and run the command below:
Add-IPBlockListProvider -Name SpamHaus -LookupDomain zen.spamhaus.org -AnyMatch $True -Enabled $True -RejectionResponse “Your IP is on the spamhaus.org block list“
For other block list providers just modify the Name, LookupDomain and RejectionRespose.
After you add a IP block list provider you can run get-ipblocklistprovider to list all installed. If you want to delete a provider run Remove-IPBlockListProvider -identity <name> and hit enter.
Some IP Block List providers have test addresses that allow you to see if your block list is working. For SpamHaus Zen just send an e-mail to [email protected] and you will get the results back via e-mail in a few minutes.