How to set up an IP Blocklist Provider in Exchange 2010 and 2013

Written by Allen White on. Posted in Exchange 2010

Providing you have Enabled Exchange 2010 Anti Spam and Enabled Exchange 2013 Anti Spam the read on!

IP Blocklist providers are a special type of DNS service provider that email admins can use to help reduce the amount of spam they must process on their systems. Exchange admins can configure their Edge Transport servers to use an IP Blocklist provider. Each time the Edge server processes a connection request from an external system it will send a DNS query to the IP Blocklist provider to see whether or that source is a known spammer.

If you want to use an IP Blocklist provider, you should look at the way each one develops and maintains their lists to make sure you are comfortable with how a system gets on the list, and how it can get off the list. You should also whitelist critical business partners, just in case they get on a list by mistake. That happens far more often than you’d think it would and it can take weeks to get off a list once you are on it. White listing ensures your choice of Blocklist provider won’t lead to any negative impact on the business.

You can use either the Exchange Management Console or the Exchange Management Shell to setup and configure an IP Blocklist provider. The EMS is much faster so we will cover it here. There are three cmdlets that are used when working with IP Blocklist providers; Add-IPBlockListProvider, Set-IPBlockListProvider, and Remove-IPBlockListProvider cmdlets. The following lines show examples of how to configure IP Blocklist providers. Enter each as single line of text in the EMS.

The following example adds a new IP Block List provider service called “SpamHaus IP Block List Provider,” and configures it to use bitmask matching for 127.0.0.1 (block messages from IP addresses that are on the block list):

Add-IPBlockListProvider -Name "SpamHaus IP Block List Provider" -LookupDomain "zen.spamhaus.org" -BitMaskMatch 127.0.0.1

The following example configures the same IP Block List provider service to use a custom rejection response:

Set-IPBlockListProvider "SpamHaus IP Block List Provider" -RejectionResponse "Your message was rejected because the IP address of the server sending your message is in the block list of contoso.com IP Block List Provider service. No soup for you."

The following example adds another IP Block List provider service called “SpamCop IP Block List Provider”, and configures it to use explicit response matching for 127.0.0.2 and 127.0.0.5 (the host is a known spam source or is an open relay). The command also adds this new provider as the top preferred provider.

Add-IPBlockListProvider -Name "SpamCop IP Block List Provider" -LookupDomain "bl.spamcop.net" -IPAddressesMatch "127.0.0.2","127.0.0.5" -Priority 1

If you want to remove a provider, you can go into the EMC to delete them, or use the

Remove-IPBlockListProvider

command in the EMS. When you set up a custom response messages, consider adding contact information so that is a legitimate admin is trying to debug an issue, they will know what is wrong, and how to contact you. No spammer will ever read these responses.

Exchange 2010 can make use of IP Blocklist providers, but you still have to select the one you want to use, and are dependent upon that provider to keep an essentially free service up to date. If you find IP Blocklists particularly valuable, you might also want to consider an anti-spam solution that takes advantage of these services. The subscription based IP Blocklists may cost a little bit each month, but can be far more reliable in the long run.

Got A Question?..Ask The Community

 
 

Related Problems

Add An IP Block List Provider To Exchange 2010 With The EMC
How to block spam in exchange 2010 with and ip block list provider.A guide on how to block spam in exchange 2010 by using an IP Block List Provider.Add a ...
READ SOLUTION
Exchange 2010 anti spam – enable
A step by step guide on how to enable the anti spam agent in exchange 2010 and 2007. How to stop spam emails in exchange 2007 and 2010.
READ SOLUTION
Setup Exchange 2007/2010 and 2013 Whitelists.
A step by step guide on how to Setup Exchange 2007/2010 and Exchange 2013 Whitelists.How to allow email into your orginization only from whitelisted sources / email whitelists.
READ SOLUTION
Block Users Seeing Exchange 2010 Global Address List (GAL) – Applies to Exchange 2007 Also
This a quick way of stopping exchange 2010 or exchange 2007 users from seeing your global address lists. Block groups seeing the GAL.Block Users Seeing Exchange 2010 Global Address List
READ SOLUTION
Setup iPad Or iPhone to Connect to Microsoft Exchange 2007,2010 and 2013
A step by step guide on how to connect your apple iPhone or iPad to Microsoft exchange server 2007,2010 and Exchange 2013.How to configure mail to connect to exchange. Connect ...
READ SOLUTION
Exchange 2010 /2013 Queue 451 4.4.0 Primary target IP address responded with: “451 5.7.3 Cannot achieve Exchange Server authentication
While migrating from exchange 2003 to exchange 2010 you see mail queus building up between the exchange 2010 server send mail to exchange 2003. The error yuo see is Exchange ...
READ SOLUTION
Connecting outlook 2003 to exchange 2010
OUtlook 003 will not connect correctly to exchange 2010 by default, exchange 2010 only accepts encrypted connections. Here is how to configure exchange and outlook 2003 to do so.
READ SOLUTION
Add An IP Block List Provider To Exchange
Exchange 2010 anti spam – enable
Setup Exchange 2007/2010 and 2013 Whitelists.
Block Users Seeing Exchange 2010 Global Address List
Setup iPad Or iPhone to Connect to Microsoft
Exchange 2007 and Exchange 2010, Create New Mail
Exchange 2010 /2013 Queue 451 4.4.0 Primary target
Connecting outlook 2003 to exchange 2010

Tags: ,

Allen White

Allen is a Technical Consultant for an IT company in the North East of England and holds the following accreditations. MCSA, MCSE, MCTS, MCITP, CCA, CCSP, VCP 4,5 and HP ASE, AIS - Network Infrastructure. Backup Academy Certified. I run this site in my spare time so if I help you then PLEASE take the time to share using the share tools on the site.

Comments (2)

  • mollet

    |

    Hey thanks for youre help on this, but its not -RejectionMessage, its -RejectionResponse

    bye

    Reply

    • Allen White

      |

      Hi, thanks, the article was a guest post from GFI, ive updated accordingley. Thanks again!

      Reply

What Do You Think?

Search Solutions

Categories

(c) Techieshelp.com. Please be aware, all information is provided freely, any information used is done so at your risk and Techieshelp will not be held responsible for any issue that may occur.