How can I configure Exchange Server 2003 to block spam?

Microsoft Exchange Server 2003 now has built-in Open Relay Filter (ORFilter) or DNS Blacklist and Realtime Blackhole List (DNSBL, RBL) capabilities, which releases us from the need to rely on 3rd party software for the spam filtering.

Update – Exchange Intelligent Message Filter

Microsoft Exchange Intelligent Message Filter (IMF) was first released at the end of May 2004.
Microsoft Exchange Intelligent Message Filter is a product developed by Microsoft to help companies reduce the amount of unsolicited commercial e-mail (UCE), or spam, received by users.

Intelligent Message Filter is based on Microsoft SmartScreen Technology from Microsoft Research. By using e-mail characteristics tracked by SmartScreen technology, Intelligent Message Filter can help determine whether each incoming e-mail message is likely to be spam. Based on this likelihood, you can choose to block e-mail messages at the gateway or at the mailbox store.
Note: The Intelligent Message Filter is not supported in a clustered environment. Therefore, Intelligent Message Filter updates are not offered to Exchange Server 2003 servers in a clustered environment.
Exchange Server 2003 SP2 Update Note: IMF used to be a stand-alone tool downloadable from Microsoft. Although one can still download and install it separately (here, if you insist, but you don’t need it anymore), IMF is now an integral part of Exchange Service Pack 2 (SP2). You can learn how to configure it on SP2 by reading Configure Intelligent Message Filter in Exchange 2003 SP2.
Read more about IMF in the Related Articles section below.

Using 3rd party software

The anti-spam features in Exchange 2003 are far from complete, and using software like Policy Patrol, GFI MailSecurity and GFI MailEssentials for Exchange/SMTP and others is still recommended, but for small businesses or companies that cannot afford these products – Exchange Server 2003 can now handle most the job, especially with IMF around.
However, there are still many problematic “features” (as Microsoft likes to call them) in the built-in anti-spam support in Exchange 2003. One bad thing about the Exchange Server 2003 Spam protection options is the fact that there is no GUI-easy way to import or export blocked e-mail addresses or sending domains.
Another bad thing is that there is no default way to see if the filters are working, and how much spam is blocked.

Configuring e-mail blocking

To configure e-mail blocking do the following:

1. Go to the properties of the Message Delivery settings.

1. Click new to add a connection filter.

1. Add the desired RBL service and click OK.

1. You can also configure exceptions for these rules. Click the Exceptions button and enter your settings.
2. A warning shows that you have to enable the filtering at the SMTP virtual servers.

1. Go to the properties of your SMTP Virtual Server.

1. On the General tab, click the Advanced Button.

1. Click the Edit button.

1. Check the ‘Apply Connection Filter’ checkbox.

1. Click Ok all the way out.

Further Reading

You might also want to read the following related articles:

• Install Anti-Spam in Exchange 2007
• Block Spam with Exchange 2003 Intelligent Message Filter
• Block Spam with Exchange 2003
• Block Spam with Outlook 2003
• Bug in Intelligent Message Filter Interface
• Combating Spam in the Corporate Environment
• Configure Intelligent Message Filter in Exchange 2003 SP2
• Display SCL Level in Outlook 2003
• Display SCL Level in OWA 2003 SP2
• Download Exchange 2003 Intelligent Message Filter
• GFI MailEssentials for Exchange/SMTP – more info
• How to Post to Newsgroups Without Getting spammed?
• Installing Intelligent Message Filter with Exchange 2003 SP2
• Junk E-mail Reporting Tool for Outlook 2003
• Sender Policy Framework
• Updating Intelligent Message Filter in Exchange Server 2003 SP2
• View Intelligent Message Filter Archive

Links

Prevent Junk E-Mail Messages with Outlook 2003


Exchange Intelligent Message Filter