Create a global Safe Senders List in Exchange 2007 to filter spam

One of the biggest spam-related management challenges in Outlook 2003 and Exchange Server 2003 was the Safe Senders List, sometimes referred to as a whitelist. Each email user can create his or her Safe Senders List. Unfortunately, Exchange Server 2003 and Microsoft Outlook 2003 don't provide a way to centrally manage this list. While Exchange Server 2003 allows you to create a central whitelist, the list doesn't take the contents of individual Safe Senders Lists into account.

Changes to Exchange Server 2007 and Microsoft Outlook 2007 give Exchange administrators the ability to create an aggregate Safe Senders List. This is a compilation of all individual Safe Senders Lists that serves as a global whitelist for the organization. Essentially, if a user marks a particular sender as safe, then there is no reason why other users in the organization shouldn't also consider the sender as safe.

There are several benefits to creating a global, aggregate Safe Senders List. The most obvious is that it potentially can reduce the number of legitimate messages that are incorrectly marked as spam. If a sender sends email to a recipient in your organization often enough that the recipient adds the sender to the Safe Senders List,...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Spam and virus protection How to install Forefront Security for Exchange Server Block Web beacons and protect OWA users from spam Controlling spam in Exchange 2007 at the edge transport server level How file-level antivirus software can harm your Exchange Server Problems with email spoofing on SBS 2003 Exchange Insider e-zine Securing your Exchange Server 2007 journaling archives Troubleshooting Outlook Web Access issues on a 64-bit system Microsoft Exchange Server security dos and don'ts Troubleshooting Microsoft Exchange Server Event ID error 6009 Spam and virus protection Research Microsoft Exchange Server 2007 How to install Forefront Security for Exchange Server Displaying Exchange 2007 public folders in SharePoint Don'ts for optimal Exchange 2007 mailbox server efficiency Is your Exchange 2007 hub transport server healthy? Top 5 Exchange ActiveSync tips Two useful tools for documenting an Exchange Server installation Controlling spam in Exchange 2007 at the edge transport server level Restore Exchange storage groups with DPM 2007 How a hosted Exchange service can help you Email issues after configuring hosted Exchange server on laptop Microsoft Exchange Server 2007 Research Exchange Security Tips How to install Forefront Security for Exchange Server Is full email encryption the solution to Exchange security? Lock down direct file access and protect OWA users Controlling spam in Exchange 2007 at the edge transport server level When to use a self-signed certificate with Exchange Server 2007 Obtaining and verifying SSL certificates in Exchange Server How file-level antivirus software can harm your Exchange Server Understanding Exchange Server 2007 SP1 mobile security settings Which ActiveSync authentication method is best for your mobile device? Why you should secure Exchange 2007 using administrative policies

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary backscatter spam  (SearchExchange.com) greylist  (SearchExchange.com) image spam  (SearchExchange.com) KnujOn  (SearchExchange.com) Sender ID  (SearchExchange.com) spam confidence level  (SearchExchange.com) spamblock  (SearchExchange.com) spim  (SearchExchange.com) tarpitting  (SearchExchange.com) Vouch by Reference (VBR)  (SearchExchange.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

then the sender most likely has a strong relationship with the recipient. In this case, the sender may send messages to other recipients within the organization. An aggregate Safe Senders List ensures that the sender's messages aren't treated as spam, regardless of which employee the sender attempts to contact via email.

Another benefit to a global Safe Senders List is that it's helpful for new employees or those who haven't created their own Safe Senders List. Normally, when you create a mailbox for a new user, that user doesn't have a Safe Senders List. Users must manually add senders to their whitelists. Having an aggregate Safe Senders List in place gives these users an established whitelist they can use while they're building their own lists.

To create a global, aggregate Safe Senders List, open the Exchange Management Shell and enter the following command:

Get-Mailbox -> Update-SafeList –Type SafeSenders

Although this command is simple, there are a few things that you must know about aggregate Safe Senders Lists before you create one.

• The aggregate Safe Senders List isn't compatible with Exchange Server 2003. If you have users with mailboxes residing on an Exchange 2003 server, the command will trigger an error when trying to process those mailboxes.
• The aggregate Safe Senders List doesn't update automatically. Administrators must periodically run the above command to update the list. Most administrators prefer to create a script that runs the command at specific intervals, so they don't have to enter the command manually each time.
• The process of creating a global, aggregate Safe Senders List can be time consuming and resource intensive. The process obtains the contents of each individual Safe Senders List and writes collective lists to Active Directory. This can strain your Exchange servers and domain controllers. Therefore, it's advisable to run the process during non-peak hours.
• Each sender is limited to 1,024 Safe Senders List entries, although most users won't reach this limit. The limit applies to the number of entries on an individual Safe Senders List, not to the length of the aggregate list.

About the author: Brien M. Posey, MCSE, is a four-time recipient of Microsoft's Most Valuable Professional Award for his work with Windows Server, Internet Information Server (IIS) and Exchange Server. Brien has served as CIO for a nationwide chain of hospitals and healthcare facilities, and was once a network administrator for Fort Knox. You can visit Brien's personal web site at www.brienposey.com.

Do you have comments on this tip? Let us know.

Please let others know how useful this tip was via the rating scale below. Do you know a helpful Exchange Server, Microsoft Outlook or SharePoint tip, timesaver or workaround? Email the editors to talk about writing for SearchExchange.com.

Rate this Tip To rate tips, you must be a member of SearchExchange.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.