locked
BypassedSenderDomains ContentFilterConfig not woriking in combination with DNSBL RRS feed

  • Question

  • Greetings all,

    we have a strange problem. Our Exchange server 2016 is an all in one installed on one server. 

    We have setup the anti-spam filtering according to this guide:

    http://clintboessen.blogspot.si/2014/05/rbl-providers-and-exchange-2013.html

    The problem is that if the sender IP address is blacklisted it get's rejected immediately and we haven't found a way to whitelist domains.

    Does anyone know how to whitelist domains when using DNSBL on the Front End Transport?

    This worked perfectly on Exchange server 2010 when the roles have't been separated yet.

    Best regards


    • Edited by xfcghsre Thursday, September 15, 2016 7:22 PM
    Thursday, September 15, 2016 6:52 PM

All replies

  • Hi xfcghsre,

    the connection filtering you are using allows in addition to use IP Allow Lists and IP Block Lists.

    You can follow "TechNet - Add-IPAllowListEntry" to enable incorrect listed servers.

    Example:

    Add-IPAllowListEntry -IPAddress 192.168.0.100

    Nevertheless, the better way is to inform the administrators of te sending system to fix theit problems with their mailserver. With the Whitlisting you open the door that this mail server can send you spam and malware,...

    Usually there are good reasons why mailservers are listed on a RBL

    Best regards,

    Max Kaiser

    • Proposed as answer by Max Kaiser Friday, September 16, 2016 10:17 AM
    Friday, September 16, 2016 10:16 AM
  • Hi Max Kaiser,

    thank you for the quick reply. Does the IP allow list have higher priority than the DNSBL?

    The funny thing is that Microsoft Exchange Online, Office 365 etc. email sending IP addresses can be found on DNS black lists. 

    This is also true for Google services.

    If there is no other way we will just find all public IP addresses and whitelist them.

    Best regards,

    xfcghsre

    Sunday, September 18, 2016 2:53 PM
  • The IP allow List Providers is filtering by ip address,the bypassedsenderdomain parameter is filtering by mail content.

    So the IP allow list have higher priority than bypassedsenderdoamin parameter.

    • Proposed as answer by David Wang_ Wednesday, September 21, 2016 7:26 AM
    • Marked as answer by David Wang_ Friday, October 7, 2016 8:01 AM
    • Unmarked as answer by xfcghsre Saturday, November 12, 2016 10:27 AM
    Monday, September 19, 2016 9:35 AM
  • Does the IP allow list have higher priority than the DNSBL?
    Thursday, September 22, 2016 7:19 PM