Article

Part 2: How to keep your Exchange server off spam blacklists

Brien Posey

There are a few preventative measures you can take to reduce the chances that your e-mail server will end up on a blacklist.

1. Run antispyware software

First, run a good antispyware application and desktop firewall on all computers in your network. If a workstation is infected, it may not directly affect your Exchange Server, but it can still result in your Exchange server being blacklisted.

Most organizations only have one or two publicly accessible IP addresses. Often, the public IP address is assigned to a router that directs inbound messages to your Exchange server. Since workstations connected to the Internet often use

    Requires Free Membership to View

Network Address Translation (NAT), the router uses its own IP address to retrieve Web content on behalf of the client requesting it.

This is important because, depending on how your network is configured, Web requests from workstations could potentially be using the same IP address as your Exchange Server.

Therefore, if a Trojan is causing a workstation to spew spam, it could potentially cause your company's publicly accessible IP address to become blacklisted, which essentially has the same effect as blacklisting your Exchange server.

2. Make sure your Exchange Server is not an open relay

A second preventative measure is to check your Exchange server for the existence of an open relay, and close the relay if it is open.

  1. In Exchange Server 2003, go to Exchange System Manager -> Administrative Groups -> your administrative group -> Servers -> your server -> Protocols -> SMTP -> Default SMTP Virtual Server.

  2. Right click on the Default SMTP Virtual Server and select Properties.

  3. Select the Access tab and click the Relay button.

  4. You will see a dialog box that allows you to configure mail relay for the server. I recommend using the "Only the List Below" setting.

If you have multiple SMTP virtual servers configured, you will have to repeat this procedure for each one.

3. Use Sender Policy Framework (SPF)

Sender Policy Framework is a relatively new technology that allows you to list the IP addresses of your mail servers in a special DNS record.

When recipients receive a message that claims to be from you, their antispam software can compare the IP address the message originated from against your e-mail server's IP address. If the addresses don't match, the message can be assumed fraudulent, and the recipient doesn't think that your mail server is sending out spam.

The Sender Policy Framework is still relatively new and a bit controversial because of some alleged weaknesses. However, it is a tool that could potentially help prevent you from being blacklisted.


TUTORIAL: HOW TO PROTECT EXCHANGE SERVER FROM SPAM BLACKLISTS

 Home: Introduction
 Part 1: How your Exchange server can get blacklisted
 Part 2: How to keep your Exchange server off spam blacklists
 Part 3: How to remove your Exchange server from spam blacklists
 Part 4: Related links on spam prevention and management

ABOUT THE AUTHOR:   
Brien M. Posey, MCSE
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Exchange Server, and has previously received Microsoft's MVP award for Windows Server and Internet Information Server (IIS). Brien has served as CIO for a nationwide chain of hospitals and was once responsible for the Department of Information Management at Fort Knox. As a freelance technical writer, Brien has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: