Manage sender reputation
Applies to: Exchange Server 2013
Sender reputation is provided by the Protocol Analysis agent. Sender reputation blocks messages according to various characteristics of the sender. Sender reputation relies on persisted data about the sender to determine what action, if any, to take on an inbound message.
What do you need to know before you begin?
Estimated time to complete each procedure: 5 minutes
You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the "Anti-spam features" entry in the Anti-spam and anti-malware permissions topic.
You can only use the Shell to perform this procedure.
By default, anti-spam features aren't enabled in the Transport service on a Mailbox server. Typically, you only enable the anti-spam features on a Mailbox server if your Exchange organization doesn't do any prior anti-spam filtering before accepting incoming messages. For more information, see Enable anti-spam functionality on Mailbox servers.
The Protocol Analysis agent is the underlying agent for sender reputation functionality. When you disable sender reputation, the Protocol Analysis agent is still enabled.
For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.
Tip
Having problems? Ask for help in the Exchange forums. Visit the forums at Exchange Server.
Use the Shell to enable or disable sender reputation
This example disables sender reputation.
Set-SenderReputationConfig -Enabled $false
This example enables sender reputation.
Set-SenderReputationConfig -Enabled $true
How do you you've successfully enabled or disabled sender reputation?
To verify that you've successfully enabled or disabled sender reputation, do the following:
Verify the Protocol Analysis agent is installed and enabled by running the following command:
Get-TransportAgentVerify the sender reputation values you configured by running the following command:
Get-SenderReputationConfig | Format-List Enabled,*MailEnabled
Use the Shell to enable or disable sender reputation for internal or external messages
By default, sender reputation is enabled for external messages, and disabled for internal messages. A message is considered external if it comes from an unauthenticated connection that's external to your Exchange organization. A message is considered internal if it comes from authenticated connection, and the sender's domain is configured as an authoritative domain in your Exchange organization.
To disable sender reputation for external messages, run the following command:
Set-SenderReputationConfig -ExternalMailEnabled $false
To enable sender reputation for external messages, run the following command:
Set-SenderReputationConfig -ExternalMailEnabled $true
To disable sender reputation for internal messages, run the following command:
Set-SenderReputationConfig -InternalMailEnabled $false
To enable sender reputation for internal messages, run the following command:
Set-SenderReputationConfig -InternalMailEnabled $true
How do you know you've successfully enabled or disabled sender reputation for internal and external messages?
To verify that you've successfully enabled or disabled sender reputation for internal and external messages, do the following:
Run the following command:
Get-SenderReputationConfig | Format-List Enabled,*MailEnabledVerify the values displayed match the values you configured.
Use the Shell to configure sender reputation properties
To configure the sender reputation properties, run the following command:
Set-SenderReputationConfig -SrlBlockThreshold <Value> -SenderBlockingPeriod <Hours>
This example sets the sender reputation level (SRL) block threshold to 6 and configures sender reputation to add offending senders to the IP Block List for 36 hours:
Set-SenderReputationConfig -SrlBlockThreshold 6 -SenderBlockingPeriod 36
How do you know you've successfully configured the sender reputation properties?
To verify that you've successfully configured the sender reputation properties, do the following:
Run the following command:
Get-SenderReputationConfigVerify the values displayed match the values you configured.
Use the Shell to configure outbound access for the detection of open proxy servers
You may need to perform additional steps to allow sender reputation to traverse any firewalls that are between the Internet and the Exchange server that's running the Protocol Analysis agent. The following table lists the outbound ports that are required for sender reputation.
| Protocols | Ports |
|---|---|
| SOCKS4, SOCKS5 | 1081, 1080 |
| Wingate, Telnet, Cisco | 23 |
| HTTP CONNECT, HTTP POST | 6588, 3128, 80 |
To configure outbound access for the detection of open proxy servers, run the following command:
Set-SenderReputationConfig -ProxyServerName <String> -ProxyServerPort <Port> -ProxyServerType <String>
This example configures sender reputation to use the open proxy server named SERVER01 that uses the HTTP CONNECT protocol on port 80.
Set-SenderReputationConfig - ProxyServerName SERVER01 -ProxyServerPort 80 -ProxyServerType HttpConnect
How do you know you've successfully configured outbound access for detection of open proxy servers?
To verify that you've successfully configured outbound access for detection of open proxy servers, do the following:
Run the following command:
Get-SenderReputationConfig | Format-List ProxyServer*Verify the values displayed are the values you configured.