Friday, 28 August 2015

Sender ID filtering or IP block list not working

When Exchange receives an email from the internet, it records the IP of the connecting server. This may be the sender's SMTP server or your own non-Exchange mail filter.

Exchange needs to work out the correct sending IP so that anti-spam measures that check the sending IP, such as Sender ID filtering and the IP block list, are processed correctly.

If you're finding that Sender ID filtering and IP block lists are not working correctly, then it's likely that your Exchange Transport configuration doesn't have a list of the internal SMTP servers. The internal SMTP servers list needs to include the email gateway servers/smart hosts for incoming email that should be ignored.

For example, if your email passes through the SMTP servers 10.10.1.2 and 10.20.1.2 before reaching your Exchange servers, then use the Set-TransportConfig cmdlet as below to set these, as well as your other Exchange servers, as internal SMTP servers so that Exchange ignores them when processing the Sender ID and connection filtering transport agents:

Set-TransportConfig -InternalSMTPServers 10.10.1.2,10.20.1.2

Now that this is set, Exchange ignores these IPs and looks for the client IP in the message header when processing the anti-spam agents. You'll also no longer see these IPs as client IPs on the messages in the message tracking logs.
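The effect described above can be seen with a simplified model of the header walk. This is an added example, not Exchange's own code: the function names, host names and sample message are constructed, and 203.0.113.25 is a documentation-range address standing in for the internet sender.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message. Received headers are newest first, so the top
# one is the hop that connected to Exchange (the last gateway, 10.20.1.2).
SAMPLE_MESSAGE = """\
Received: from gw2.example.local (10.20.1.2) by exch01.example.local (10.30.1.5)
 with ESMTP; Fri, 28 Aug 2015 10:00:03 +0100
Received: from gw1.example.local (10.10.1.2) by gw2.example.local (10.20.1.2)
 with ESMTP; Fri, 28 Aug 2015 10:00:02 +0100
Received: from mail.sender.example (203.0.113.25) by gw1.example.local (10.10.1.2)
 with ESMTP; Fri, 28 Aug 2015 10:00:01 +0100
From: someone@sender.example
To: user@example.local
Subject: constructed test message

body
"""

# Matches the "from <host> (<ip>)" part of a Received header.
FROM_IP = re.compile(r"from\s+\S+\s+\(\[?(\d{1,3}(?:\.\d{1,3}){3})\]?\)")


def received_hops(raw_message):
    """Return the 'from' IP of each Received header, newest hop first."""
    msg = message_from_string(raw_message)
    hops = []
    for header in msg.get_all("Received", []):
        match = FROM_IP.search(header)
        if match:
            hops.append(ipaddress.ip_address(match.group(1)))
    return hops


def originating_ip(raw_message, internal_smtp_servers):
    """Return the newest hop that is not an internal SMTP server, or None."""
    internal = {ipaddress.ip_address(ip) for ip in internal_smtp_servers}
    for hop in received_hops(raw_message):
        if hop not in internal:
            return hop
    return None


if __name__ == "__main__":
    print("no internal list :", originating_ip(SAMPLE_MESSAGE, []))
    print("gateways listed  :",
          originating_ip(SAMPLE_MESSAGE, ["10.10.1.2", "10.20.1.2"]))
```

With an empty list the model returns the gateway's own address, which is the address the IP block list and Sender ID checks would then be run against; listing only one of the two gateways still stops at the other one.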

If you're not using an email gateway/smart host and you only have one Exchange server, then you should set the InternalSMTPServers property to 127.0.0.1.

More information here: https://technet.microsoft.com/en-us/library/bb124151%28v=exchg.150%29.aspx.
