How to enable the Exchange IMF on authenticated SMTP connections

Anonymous SMTP connections are how servers from the outside world talk to your front-end Exchange server (or whatever server you have handling external SMTP connections). They don't require any credentials. So, in theory, anyone can connect and send email.

Authenticated SMTP connections happen when another server provides credentials that the recipient server recognizes as valid, or when that other server is on a list of known-good servers validated by IP address.

Note that reverse DNS lookups or mechanisms like Sender Permitted From (SPF) aren't considered part of this picture; an Exchange server could use them, but they still wouldn't be considered authenticated connections by the above definition.

Normally, the Exchange Server Intelligent Message Filter (IMF) only runs on anonymous SMTP connections. This is because, most e-mail that needs to be filtered in this fashion will be passed through an anonymous connection, and most of the screening that needs to take place will happen immediately.

Sometimes, though, your network topology or email screening logistics won't allow this. If so, you may want to set IMF to run on authenticated SMTP connections between servers in your local ...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Exchange Security Tips Is full email encryption the solution to Exchange security? Lock down direct file access and protect OWA users Controlling spam in Exchange 2007 at the edge transport server level When to use a self-signed certificate with Exchange Server 2007 Obtaining and verifying SSL certificates in Exchange Server How file-level antivirus software can harm your Exchange Server Understanding Exchange Server 2007 SP1 mobile security settings Which ActiveSync authentication method is best for your mobile device? Why you should secure Exchange 2007 using administrative policies Microsoft Exchange Server security dos and don'ts Spam and virus protection Controlling spam in Exchange 2007 at the edge transport server level How file-level antivirus software can harm your Exchange Server Problems with email spoofing on SBS 2003 Exchange Insider e-zine Securing your Exchange Server 2007 journaling archives Troubleshooting Outlook Web Access issues on a 64-bit system Microsoft Exchange Server security dos and don'ts Troubleshooting Microsoft Exchange Server Event ID error 6009 How effective is tracking the IP address of an email hacker? How can I configure Exchange IMF to allow an IP address or DNS? Spam and virus protection Research Email Protocols Exchange Mailbag: POP3 settings and Outlook issues Preventing duplicate SMTP addresses on Exchange Email issues after configuring hosted Exchange server on laptop Looking for a hosted Exchange provider that allows email auditing Problems receiving email from outside a Exchange Server 2003 domain Exchange Server 2003 collects email from only specific POP3 domains Changing email address formats in Exchange Server 2003 Stop personal calendar appointments from showing on Exchange Server Exchange users receiving email addressed to legacy users Email mistakenly marked as 'read' when received on BlackBerry devices

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary greylist  (SearchExchange.com) hash buster  (SearchExchange.com) image spam  (SearchExchange.com) KnujOn  (SearchExchange.com) Sender ID  (SearchExchange.com) spam confidence level  (SearchExchange.com) spamblock  (SearchExchange.com) spim  (SearchExchange.com) tarpitting  (SearchExchange.com) teergrube  (SearchExchange.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

Microsoft Exchange organization. For instance, if you're presorting email -- regardless of its validity as spam -- and want to perform spam-checking deeper within your organization, you could use this function.

To force the IMF to add spam confidence level (SCL) ratings to all messages sent through authenticated connections, open the registry on each Exchange server machine performing IMF filtering and navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Exchange\ContentFilter.

Within this key, create a new DWORD value named CheckAuthSessions, and set it to 1.

About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter.

Do you have comments on this tip? Let us know.

Related information from SearchExchange.com: