Export (0) Print
Expand All

Manage sender reputation

 

Applies to: Exchange Server 2013

Topic Last Modified: 2012-10-03

Sender reputation is provided by the Protocol Analysis agent. Sender reputation blocks messages according to various characteristics of the sender. Sender reputation relies on persisted data about the sender to determine what action, if any, to take on an inbound message.

  • Estimated time to complete each procedure: 5 minutes

  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the "Anti-spam features" entry in the Anti-spam and anti-malware permissions topic.

  • You can only use the Shell to perform this procedure.

  • By default, anti-spam features aren't enabled in the Transport service on a Mailbox server. Typically, you only enable the anti-spam features on a Mailbox server if your Exchange organization doesn't do any prior anti-spam filtering before accepting incoming messages. For more information, see Enable anti-spam functionality on Mailbox servers.

  • The Protocol Analysis agent is the underlying agent for sender reputation functionality. When you disable sender reputation, the Protocol Analysis agent is still enabled.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

TipTip:
Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.

This example disables sender reputation.

Set-SenderReputationConfig -Enabled $false

This example enables sender reputation.

Set-SenderReputationConfig -Enabled $true

To verify that you have successfully enabled or disabled sender reputation, do the following:

  1. Verify the Protocol Analysis agent is installed and enabled by running the following command:

    Get-TransportAgent
    
  2. Verify the sender reputation values you configured by running the following command:

    Get-SenderReputationConfig | Format-List Enabled,*MailEnabled
    

By default, sender reputation is enabled for external messages, and disabled for internal messages. A message is considered external if it comes from an unauthenticated connection that's external to your Exchange organization. A message is considered internal if it comes from authenticated connection, and the sender's domain is configured as an authoritative domain in your Exchange organization.

To disable sender reputation for external messages, run the following command:

Set-SenderReputationConfig -ExternalMailEnabled $false

To enable sender reputation for external messages, run the following command:

Set-SenderReputationConfig -ExternalMailEnabled $true

To disable sender reputation for internal messages, run the following command:

Set-SenderReputationConfig -InternalMailEnabled $false

To enable sender reputation for internal messages, run the following command:

Set-SenderReputationConfig -InternalMailEnabled $true

To verify that you have successfully enabled or disabled sender reputation for internal and external messages, do the following:

  1. Run the following command:

    Get-SenderReputationConfig | Format-List Enabled,*MailEnabled
    
  2. Verify the values displayed match the values you configured.

To configure the sender reputation properties, run the following command:

Set-SenderReputationConfig -SrlBlockThreshold <Value> -SenderBlockingPeriod <Hours>

This example sets the sender reputation level (SRL) block threshold to 6 and configures sender reputation to add offending senders to the IP Block List for 36 hours:

Set-SenderReputationConfig -SrlBlockThreshold 6 -SenderBlockingPeriod 36

To verify that you have successfully configured the sender reputation properties, do the following:

  1. Run the following command:

    Get-SenderReputationConfig
    
  2. Verify the values displayed match the values you configured.

You may need to perform additional steps to allow sender reputation to traverse any firewalls that are between the Internet and the Exchange server that's running the Protocol Analysis agent. The following table lists the outbound ports that are required for sender reputation.

 

Protocols Ports

SOCKS4, SOCKS5

1081, 1080

Wingate, Telnet, Cisco

23

HTTP CONNECT, HTTP POST

6588, 3128, 80

To configure outbound access for the detection of open proxy servers, run the following command:

Set-SenderReputationConfig -ProxyServerName <String> -ProxyServerPort <Port> -ProxyServerType <String>

This example configures sender reputation to use the open proxy server named SERVER01 that uses the HTTP CONNECT protocol on port 80.

Set-SenderReputationConfig - ProxyServerName SERVER01 -ProxyServerPort 80 -ProxyServerType HttpConnect

To verify that you have successfully configured outbound access for detection of open proxy servers, do the following:

  1. Run the following command:

    Get-SenderReputationConfig | Format-List ProxyServer*
    
  2. Verify the values displayed are the values you configured.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft