Applies to: Exchange Server 2007 SP3, Exchange Server
2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-03-28
This topic explains how to use the Exchange Management Console or the Exchange Management Shell to enable or disable connection filtering. The Connection Filter agent is an anti-spam agent that is enabled on computers that have the Microsoft Exchange Server 2007 Edge Transport server role installed.
When the Connection Filter agent and the associated connection filtering features are enabled on a computer, the Connection Filter agent filters all messages that come through all Receive connectors on that computer. Only messages that come from external sources are filtered. External sources are defined as non-authenticated sources. These are considered anonymous Internet sources.
The Connection Filter agent is an underlying transport agent that enables the following features:
- IP Block list
- IP Allow list
- IP Block List providers
- IP Allow List providers
Each of these features can be enabled or disabled separately.
For more information about how to configure the connection filtering features, see the following topics:
- How to Add
IP Addresses to the IP Allow List and IP Block List
- How to
Configure IP Allow List and IP Block List Providers
Note: |
---|
By default, the Connection Filter agent is not enabled on the Hub Transport server. For more information about running the Connection Filter agent on the Hub Transport server, see How to Enable Anti-Spam Functionality on a Hub Transport Server. |
Before You Begin
To perform the following procedures on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.
Also, before you perform these procedures, confirm the following:
- You have reviewed Anti-Spam and Antivirus
Functionality to understand the general strategy for
configuring all anti-spam agents so that they work together
efficiently for your organization.
- You have read Configuring Connection
Filtering.
Procedure
By default, the connection filtering features are enabled on the Edge Transport server for inbound messages that come from the Internet but are not authenticated. As noted above, the Connection Filtering agent must be enabled for the connection filtering features to operate. By default, the Connection Filter agent is enabled on Edge Transport servers. To enable the Connection Filter agent, use the Enable-TransportAgent cmdlet; to disable the Connection Filter agent, use the Disable-TransportAgent cmdlet,
To use the Exchange Management Console to enable or disable connection filtering features
-
In the Exchange Management Console, click Edge Transport.
-
In the work pane, click the Anti-spam tab, and then select one of the following:
- IP Allow List
- IP Allow List Providers
- IP Block List
- IP Block List Providers
- IP Allow List
-
In the action pane, click Enable or Disable as appropriate.
-
Repeat the steps for each connection filtering data store that you want to enable or disable.
To use the Exchange Management Shell to enable or disable connection filtering features
-
To enable or disable the IP Allow list, run the following command:
Copy Code Set-IPAllowListConfig -Enabled <$true | $false>
-
To enable or disable IP Allow List providers, run the following command:
Copy Code Set-IPAllowListProvider -Enabled <$true | $false>
-
To enable or disable the IP Block list, run the following command:
Copy Code Set-IPBlockListConfig -Enabled <$true | $false>
-
To enable or disable the IP Block list, run the following command:
Copy Code Set-IPBlockListProvider -Enabled <$true | $false>
For detailed syntax and parameter information, see the following topics:
For More Information
For more information about how to configure connection filtering, see the following topics: