Share via


Add-IPBlockListProvider (RTM)

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

 

Applies to: Exchange Server 2007

Use the Add-IPBlockListProvider cmdlet to create a new IP Block List provider configuration on the computer that has the Edge Transport server role or the Hub Transport server role installed.

Syntax

Add-IPBlockListProvider -Name <String> -LookupDomain <SmtpDomain> [-AnyMatch <$true | $false>] [-BitmaskMatch <IPAddress>] [-DomainController <Fqdn>] [-Enabled <$true | $false>] [-IPAddressesMatch <MultiValuedProperty>] [-Priority <Int32>] [-RejectionResponse <AsciiString>] [-TemplateInstance <PSObject>]

Detailed Description

The IP Block List provider configuration is used by the Connection Filter agent.

The Name parameter and the LookupDomain parameter are required. If you do not pass the required parameters, the Exchange Management Shell prompts you for them.

To run the Add-IPBlockListProvider cmdlet, the account you use must be delegated the following:

  • Exchange Server Administrator role and local Administrators group for the target server

To run the Add-IPBlockListProvider cmdlet on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Parameters

Parameter Required Type Description

LookupDomain

Required

Microsoft.Exchange.Data.SmtpDomain

The domain name that the Connection Filter agent queries for updated IP Block List data

Name

Required

System.String

The name of the IP Block List provider service

AnyMatch

Optional

System.Boolean

Valid input for the Enabled parameter is $true or $false. The default setting is $false. When the AnyMatch parameter is set to $true, the Connection Filter agent treats any IP Address status code that is returned by the IP Block List provider service as a match.

BitmaskMatch

Optional

System.Net.IPAddress

When you configure the BitmaskMatch parameter to use an IP address, the Connection Filter agent acts only on messages that match the IP Address status code that is returned by the IP Block List provider service.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

To specify the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory directory service, include the DomainController parameter on the command. The DomainController parameter is not supported on computers that have the Edge Transport server role installed. The Edge Transport server role writes only to the local ADAM instance.

Enabled

Optional

System.Boolean

Valid input for the Enabled parameter is $true or $false. The default setting is $true. When the Enabled parameter is set to $true, the Connection Filter agent queries the IP Block List provider service according to the priority that is set for this IP Block List provider configuration.

IPAddressesMatch

Optional

Microsoft.Exchange.Data.MultiValuedProperty

When the IPAddressesMatch parameter is configured to use an IP Address, the Connection Filter agent acts only on messages that match the same IP Address status code that is returned by the IP Block List provider service.

Priority

Optional

System.Int32

Set the Priority parameter to configure the order that the Connection Filter agent queries the IP Block List provider services that you have configured. By default, every time that you add a new IP Block List provider, the entry is assigned a priority of N+1, where N is the number of IP Block List provider services that you have configured.

If you set the Priority parameter to a value that is the same as another IP Block List provider service, the priority of the IP Block List provider that you add first is incremented by 1.

RejectionResponse

Optional

Microsoft.Exchange.Data.AsciiString

The RejectionResponse parameter takes a string. Enter the message body that you want delivered in the SMTP session to senders whose messages are blocked by the Connection Filter agent when an IP Block List provider service matches the sender's IP address. We recommend that you specify the IP Block List provider service in the response so that legitimate senders can contact the IP Block List provider service. The argument cannot exceed 240 characters. When you pass an argument, you must enclose the RejectionResponse parameter in double quotation marks if the phrase contains spaces as follows, for example: "Originating IP addressed matched to Example.com's IP Block List provider service".

TemplateInstance

Optional

System.Management.Automation.PSObject

When an existing object is supplied to this parameter, the command uses that object's configuration to create an exact duplicate of the object on a local or target server.

Input Types

Return Types

Errors

Error Description

 

Example

The first code example shows an Add-IPBlockListProvider command that has the required parameters. It also shows how to add a new IP Block List provider and set a rejection response.

The second code example shows an Add-IPBlockListProvider command that has the required parameters and shows how to configure a bitmask return value from the provider.

Add-IPBlockListProvider -Name:Example -LookupDomain:Example.com -RejectionResponse "Originating IP addressed matched to Example.com's IP Block List provider service"
Add-IPBlockListProvider -Name:Example -LookupDomain:Example.com -BitmaskMatch 127.1.0.1