Applies to: Exchange Server 2007 SP3, Exchange Server
2007 SP2, Exchange Server 2007 SP1
Topic Last Modified: 2008-07-18
Use the Update-SafeList cmdlet to update the safelist aggregation data in the Active Directory directory service. Safelist aggregation data is used in anti-spam filtering in Microsoft Exchange Server 2007. EdgeSync replicates safelist aggregation data to computers that have the Edge Transport server role installed.
The Update-SafeList cmdlet reads the safelist aggregation data that is stored on a Microsoft Office Outlook user mailbox and then hashes and writes the data to the corresponding user object in Active Directory. Safelist aggregation data contains the Outlook user's Safe Senders List and Safe Recipients List.
You use the Type parameter to specify whether you update
the Outlook user's Safe Senders List or the Safe Recipients List,
or both. However, only Safe Senders List data is used by the
safelist aggregation feature; the safelist aggregation feature does
not act on Safe Recipients List data. Therefore, to reduce storage
and replication bloat in Active Directory, we do not recommend
running the Type parameter with the
SafeRecipients or Both values in
Exchange 2007. The default value for the Type parameter
is SafeSenders.
For more information about how safelist aggregation works, see Safelist Aggregation.
Syntax
Update-SafeList -Identity <MailboxIdParameter>
[-Confirm [<SwitchParameter>]] [-DomainController
<Fqdn>] [-IncludeDomains <SwitchParameter>] [-Type
<SafeSenders | SafeRecipients | Both>] [-WhatIf
[<SwitchParameter>]]
|
Parameters
| Parameter | Required | Type | Description | ||
|---|---|---|---|---|---|
|
Identity |
Required |
Microsoft.Exchange.Configuration.Tasks.MailboxIdParameter |
Use this parameter to specify the Outlook user mailbox from which you want to collect safelist aggregation data. Valid input for this parameter includes the following values:
|
||
|
Confirm |
Optional |
System.Management.Automation.SwitchParameter |
The Confirm parameter causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm parameter. |
||
|
DomainController |
Optional |
Microsoft.Exchange.Data.Fqdn |
To specify the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory, include the DomainController parameter on the command. The DomainController parameter is not supported on computers that have the Edge Transport server role installed. The Edge Transport server role writes only to the local Active Directory Application Mode (ADAM) instance. |
||
|
IncludeDomains |
Optional |
System.Management.Automation.SwitchParameter |
Use this parameter if you want to include the sender domains that are specified by users in Outlook to the aggregated safelists. By default, domains that are specified by the senders are not included. In most cases, we do not recommend that you include domains because users may include the domains of large Internet service providers (ISP), which could unintentionally provide addresses that may be used or spoofed by spammers. |
||
|
Type |
Optional |
Microsoft.Exchange.Management.RecipientTasks.UpdateType |
Use this parameter to specify which user-generated list is
updated to the user object. Valid values for this parameter are
|
||
|
WhatIf |
Optional |
System.Management.Automation.SwitchParameter |
The WhatIf parameter instructs the command to simulate the actions that it would take on the object. By using the WhatIf parameter, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf parameter. |
Important:Detailed Description
To run the Update-SafeList cmdlet, the account you use must be delegated the following:
- Exchange View-Only Administrators role
- Exchange Recipient Administrator role
For more information about permissions, delegating roles, and the rights that are required to administer Exchange 2007, see Permission Considerations.
Input Types
Return Types
Errors
| Error | Description |
|---|---|
|
|
|
Exceptions
| Exceptions | Description |
|---|---|
|
|
|
Example
The first example shows how to update Safe Senders List data for a single user, KimA, by using the Update-SafeList cmdlet.
The second example shows how to update all safelist
data for all mailbox users in your Exchange organization. By
default, the Exchange Management Shell is configured to retrieve or
modify objects that reside in the domain in which the Exchange
server resides. Therefore, to retrieve all the mailboxes in your
Exchange organization, you must set the value of
$AdminSessionAdSettings.ViewEntireForest to
$True. Then you can run the Get-Mailbox cmdlet
and pipe its output to the Update-Safelist cmdlet to update
all safelist data for all mailbox users in your Exchange
organization.
 Caution: |
|---|
When you modify the value of
$AdminSessionAdSettings.ViewEntireForest, the new value
remains until you close your current Exchange Management Shell
session. We recommend that you set
$AdminSessionAdSettings.ViewEntireForest to
$False immediately after you perform the task to
avoid unintentionally modifying or retrieving objects beyond your
intended scope. |
 Copy Code |
|
|---|---|
Update-Safelist -Identity KimA |
|
| Copy Code |
|
|---|---|
AdminSessionAdSettings.ViewEntireForest = $True
get-mailbox -ResultSize Unlimited | where {$_.RecipientType -eq [Microsoft.Exchange.Data.Directory.Recipient.RecipientType]::UserMailbox } | update-safelist
|
|