In the past I had an issue with being used as an open relay as well as having my address spoofed. As a best-practice, I not keep block list providers configured in Exchange 2007, even if I do not prefer to use Forefront Security. Setting up block list providers is easy, and I will list a few that you should add.

Open Exchange Management console (EMC). Expand Orginization Configuration>Hub Transport. Click the Anti-Spam tab.

Your looking at a list like this:

Block List Provider Setup

Block List Provider Setup

Double click IP Block List Providers, then click the Providers tab
Click Add and you will be looking at a screen like this:
Add Block List Provider

Add Block List Provider

For Name, enter SpamHaus
For Lookup Domain, add zen.spamhaus.net
Leave it selected to Match Any Return Code
Click OK.
Repeat with the following addresses:
  • SpamCop: bl.spamcop.net
  • Sorbs: dnsbl.sorbs.net
  • AbuseAt: cbl.abuseat.org
  • SpamHaus: zen.spamhaus.org
Block List Providers

Block List Providers

These are the four I use. Feel free to add more or less, or add different ones depending upon your need.
These lists block the IP addresses of domains known to send spam. They do not catch all, and sometime the catch the wrong IP’s. SORBS is notably hard to deal with if you get incorrectly listed, and will charge for a second removal- so make sure you are not an open relay.
A GREAT test can be found here- this will tell you your relay status: Microsoft Exchange Server Remote Connectivity Analyzer (near the bottom, Inbound SMTP Test, though the others are good to run as well).
On a side note, while your in Anti-Spam, look at the other settings as well, there might be some you need to change. One for me is under recipient fintering, I check the box for block addresses outside of the GAL. I do not want anyone outside sending mail to my domain for anyone not on the GAL.
Recipient Filtering

Recipient Filtering

Advertisements