Setting Up RBL in Exchange 2003
Learn the step many administrators forget when setting up a realtime blackhole list.
by Ben Schorr and Jim McBee
August 10, 2004
Q:
I have heard from a few friends that the block list feature of Exchange 2003 can help me reduce the amount of spam my users receive. The problem is that I can't seem to get it to work.
Lily, Paris
A:
Jim: You should live here in Hawaii; we see lots of Spam every day. More Hormel Spam is consumed in Hawaii than anywhere else in the United States. The Exchange 2003 block list (aka realtime block list or realtime blackhole list) does indeed work, but there are a few caveats you need to be aware of. The first is, once configured, your Exchange 2003 SMTP server will reject all inbound mail from addresses listed on your realtime blackhole list (RBL) service.
Ben: You should also be aware that the inbound connection from the sender's SMTP server must connect directly to your Exchange 2003 server. If you direct inbound mail through a relay host first, the relay host must have the ability to use an RBL, not Exchange.
Jim: First, to configure your Exchange 2003 organization to use an RBL, you have to display the Connection Filtering property page on the Message Delivery properties. Here, you can add and manage RBL providers. In Figure 1, you can see that I have configured the Spamhaus Block List. I usually configure two different providers, but it is not uncommon to see admins configuring five or more RBL providers.
Ben: If you know that someone you communicate with frequently is on an RBL list, you can configure the Connection Filtering option to accept mail even if the sender's IP address is on a blocked list.
Jim: You might think you are out of the woods. One of the most common reasons that an RBL configuration does not work in Exchange 2003 is that the administrator forgets that the SMTP virtual servers that are exposed to the Internet for inbound mail must also have connection filtering enabled. This is hiding behind the Advanced button on the General property page. Click the Apply Connection Filter to the IP addresses that you want to enable.
Ben: There are many arguments for and against using an RBL service. You should thoroughly research (and test) this feature before you implement it. We have included some recommended reading in the Resources section. Also, if you want a good recipe for Spam sandwiches, let me know. I don't know what kind of wine you would serve with Spam, though.
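A small Python model of the connection-filtering decision discussed above, added here as an illustration; it is not Exchange's own logic or code from the authors. The zone `rbl.example`, the IP addresses and the `resolve` lookup table are constructed, and a real check would issue a DNS A query for the generated name.

```python
import ipaddress

def rbl_query_name(ip, zone):
    """DNSBL convention: reverse the IPv4 octets and append the provider's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def connection_filter(connecting_ip, zones, accept_list, filter_enabled, resolve):
    """Return (decision, reason) for one inbound SMTP connection.

    connecting_ip is the peer address of the TCP session, which is all the
    server can check. resolve(name) returns an address string if the name
    is listed by the provider, otherwise None.
    """
    # The step administrators forget: the filter must be applied per virtual server.
    if not filter_enabled:
        return ("accept", "connection filter not applied on this virtual server")
    addr = ipaddress.IPv4Address(connecting_ip)
    # Exception list: accept even if the address is on a block list.
    if any(addr in ipaddress.ip_network(net) for net in accept_list):
        return ("accept", "on the accept exception list")
    for zone in zones:
        answer = resolve(rbl_query_name(connecting_ip, zone))
        if answer is not None:
            return ("reject", f"listed by {zone} ({answer})")
    return ("accept", "not listed by any configured provider")

# Constructed sample data (documentation-range addresses, placeholder zone).
ZONES = ["rbl.example"]
LISTED = {"10.113.0.203.rbl.example": "127.0.0.2",
          "77.100.51.198.rbl.example": "127.0.0.2"}
resolve = LISTED.get        # stands in for a DNS A lookup
SPAMMER, PARTNER, RELAY = "203.0.113.10", "198.51.100.77", "192.0.2.25"

if __name__ == "__main__":
    cases = [
        ("listed sender, direct", SPAMMER, [], True),
        ("listed sender, filter not applied", SPAMMER, [], False),
        ("listed sender behind relay host", RELAY, [], True),
        ("listed partner with exception", PARTNER, [PARTNER + "/32"], True),
    ]
    for label, ip, accept, enabled in cases:
        print(label, "->", connection_filter(ip, ZONES, accept, enabled, resolve))
```

The relay case passes the relay's address because that is the only peer Exchange sees, which is why the RBL check has to happen on the relay host itself.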