none
Spam and antimalware

    Question

  • I am managing an Exchange Server 2013 with out any 3rd party spam- and malware software and I am receiving alot of spam, between 20 and 30 emails very day.

    I have configured antispam and antimalware on my Exchanger server by following guides like

    http://www.msexchange.org/articles-tutorials/exchange-server-2013/security-message-hygiene/anti-spam-and-anti-malware-protection-exchange-2013-part1.html

    and

    https://technet.microsoft.com/en-us/library/bb201691(v=exchg.160).aspx

    Most messages have the same subject text and some are different. Most messages come from different email addresses.

    Most of the messages also have a .zip, .doc or .jpg file attached. I have configured malware agent to reject such files, to scan inside the files but they still end up in the mailboxes.

    Any cloes to stop the spam and malware?

    Wednesday, December 21, 2016 7:21 AM

All replies

  • Hello ThomasRH,

    Can you sure those messages are spam?
    By default, .zip, .doc or .jpg file will not be defined in attachment filtering, and we need manually add those file type into the attachment filter list. You can run below command to list (also action settings):
    Get-AttachmentFilterEntry | Format-Table -Auto Type,Name
    Get-AttachmentFilterListConfig | Format-List Action,AdminMessage,RejectResponse,ExceptionConnectors
    If not, you can use Add-AttachmentFilterEntry to add.

    Meanwhile, we can use transport rule to monitor message which contains some sensitive attachment files.
    For your reference: https://technet.microsoft.com/en-us/library/jj674307(v=exchg.150).aspx

    Best Regards,

    Allen Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 22, 2016 9:36 AM
    Moderator
  • Yes I am sure that it is spam, but I actually solved the problem another way. I found out that I haven't configured IPBlockListProvider, after doing that with zen.spamhaus.org and blspamcop.net I haven't received any spam in the mailboxes or the quarantine mailbox for 2 days.

    Friday, December 23, 2016 6:24 PM
  • Glad it solved, and thank you for your sharing. Have a nice day.

    Best Regards,

    Allen Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Sunday, December 25, 2016 4:40 AM
    Moderator