Export (0) Print
Expand All

Manage Sender ID

 

Applies to: Exchange Server 2013

Topic Last Modified: 2012-10-03

Sender ID functionality is provided by the Sender ID agent. Sender ID validates the origin of email messages by verifying the IP address of the sender against the purported owner of the sender domain. Sender ID filtering is performed on inbound messages that come from the Internet but aren't authenticated. These messages are handled as external messages.

  • Estimated time to complete each procedure: 5 minutes
  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the "Anti-spam features" entry in the Anti-Spam and Anti-Malware Permissions topic.
  • You can only use the Shell to perform this procedure.
  • By default, anti-spam features aren't enabled in the Transport service on a Mailbox server. Typically, you only enable the anti-spam features on a Mailbox server if your Exchange organization doesn't do any prior anti-spam filtering before accepting incoming messages. For more information, see Enable Anti-Spam Functionality on a Mailbox Server.
  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in the Exchange Admin Center.
tipTip:
Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection

To disable Sender ID, run the following command:

Set-SenderIDConfig -Enabled $false

To enable Sender ID, run the following command:

Set-SenderIDConfig -Enabled $true
noteNote:
When you disable Sender ID, the underlying Sender ID agent is still enabled. To disable the Sender ID agent, run the command: Disable-TransportAgent "Sender ID Agent".

To verify that you have successfully enabled or disabled Sender ID, do the following:

  1. Run the following command:
    Get-SenderIDConfig | Format-List Enabled
    
  2. Verify the value displayed is the value you configured.

To configure the Sender ID action for spoofed messages, run the following command:

Set-SenderIDConfig -SpoofedDomainAction <StampStatus | Reject | Delete>

This example configures the Sender ID agent to reject any messages where the IP address of the sending server isn't listed as an authoritative SMTP sending server in the DNS Sender Policy Framework (SPF) record for the sending domain.

Set-SenderIDConfig -SpoofedDomainAction Reject

To verify that you have successfully configured the Sender ID action for spoofed messages, do the following:

  1. Run the following command:
    Get-SenderIDConfig | Format-List SpoofedDomainAction
    
  2. Verify the value displayed is the value you configured.

To configure the Sender ID action for transient errors, run the following command:

Set-SenderIDConfig -TempErrorAction <StampStatus | Reject | Delete>

This example configures the Sender ID agent to stamp the messages when the Sender ID status can't be determined due to a temporary DNS server error. The message will be processed by other anti-spam agents and the Content Filter agent will use the mark when determining the SCL value for the message.

Set-SenderIDConfig -TempErrorAction StampStatus

Note that StampStatus is the default value for the TempErrorAction parameter.

To verify that you have successfully configured the Sender ID action for transient errors, do the following:

  1. Run the following command:
    Get-SenderIDConfig | Format-List TempErrorAction
    
  2. Verify the value displayed is the value you configured.

To replace the existing values, run the following command:

Set-SenderIDConfig -BypassedRecipients <recipient1,recipient2...> -BypassedSenderDomains <domain1,domain2...>

This example configures the Sender ID agent to bypass the Sender ID check for messages sent to kim@contoso.com and john@contoso.com, and to bypass the Sender ID check for messages sent from the fabrikam.com domain.

Set-SenderIDConfig -BypassedRecipients kim@contoso.com,john@contoso.com -BypassedSenderDomains fabrikam.com

To add or remove entries without modifying any existing values, run the following command:

Set-SenderIDConfig -BypassedRecipients @{Add="<recipient1>","<recipient2>"...; Remove="<recipient1>","<recipient2>"...} -BypassedSenderDomains @{Add="<domain1>","<domain2>"...; Remove="<domain1>","<domain2>"...}

This example configures the Sender ID agent with the following information:

  • Add chris@contoso.com and michelle@contoso.com to the list of existing recipients who bypass the Sender ID check.
  • Remove tailspintoys.com from the list of existing domains that bypass the Sender ID check.
Set-SenderIDConfig -BypassedRecipients @{Add="chris@contoso.com","michelle@contoso.com"} -BypassedSenderDomains @{Remove="tailspintoys.com"}

To verify that you have successfully configured recipient and sender domain exceptions, do the following:

  1. Run the following command:
    Get-SenderIDConfig | Format-List BypassedRecipients,BypassedSenderDomains
    
  2. Verify the values displayed are the values you configured.
 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft