Create a global Safe Senders List in Exchange 2007 to filter spam

When Microsoft included the Junk Email folder and associated filtering mechanisms into Outlook 2003, it marked a leap forward in the ability to control spam in Exchange Server organizations. Although the Junk Email folder and other message hygiene mechanisms work well, they aren't easy to manage. Changes in Microsoft Outlook 2007 and Exchange Server 2007, specifically in the Safe Senders List, make spam filtering even more manageable. This tip focuses on how to create and use a global, aggregate Safe Senders List in Exchange Server 2007 and Microsoft Outlook 2007 to help improve spam filtering of users' email within your organization.

One of the biggest spam-related management challenges in Outlook 2003 and Exchange Server 2003 was the Safe Senders List, sometimes referred to as a

    Requires Free Membership to View

whitelist. Each email user can create his or her Safe Senders List. Unfortunately, Exchange Server 2003 and Microsoft Outlook 2003 don't provide a way to centrally manage this list. While Exchange Server 2003 allows you to create a central whitelist, the list doesn't take the contents of individual Safe Senders Lists into account.

Changes to Exchange Server 2007 and Microsoft Outlook 2007 give Exchange administrators the ability to create an aggregate Safe Senders List. This is a compilation of all individual Safe Senders Lists that serves as a global whitelist for the organization. Essentially, if a user marks a particular sender as safe, then there is no reason why other users in the organization shouldn't also consider the sender as safe.

More resources on Exchange 2007 spam filtering:
Migrating antispam settings from Exchange 2003 to Exchange 2007

The six-layered secret of effective Exchange Server email filtering

How to install and configure an Edge Transport server for Exchange 2007

There are several benefits to creating a global, aggregate Safe Senders List. The most obvious is that it potentially can reduce the number of legitimate messages that are incorrectly marked as spam. If a sender sends email to a recipient in your organization often enough that the recipient adds the sender to the Safe Senders List, then the sender most likely has a strong relationship with the recipient. In this case, the sender may send messages to other recipients within the organization. An aggregate Safe Senders List ensures that the sender's messages aren't treated as spam, regardless of which employee the sender attempts to contact via email.

Another benefit to a global Safe Senders List is that it's helpful for new employees or those who haven't created their own Safe Senders List. Normally, when you create a mailbox for a new user, that user doesn't have a Safe Senders List. Users must manually add senders to their whitelists. Having an aggregate Safe Senders List in place gives these users an established whitelist they can use while they're building their own lists.

To create a global, aggregate Safe Senders List, open the Exchange Management Shell and enter the following command:

Get-Mailbox -> Update-SafeList –Type SafeSenders

Although this command is simple, there are a few things that you must know about aggregate Safe Senders Lists before you create one.

  • The aggregate Safe Senders List isn't compatible with Exchange Server 2003. If you have users with mailboxes residing on an Exchange 2003 server, the command will trigger an error when trying to process those mailboxes.
  • The aggregate Safe Senders List doesn't update automatically. Administrators must periodically run the above command to update the list. Most administrators prefer to create a script that runs the command at specific intervals, so they don't have to enter the command manually each time.
  • The process of creating a global, aggregate Safe Senders List can be time consuming and resource intensive. The process obtains the contents of each individual Safe Senders List and writes collective lists to Active Directory. This can strain your Exchange servers and domain controllers. Therefore, it's advisable to run the process during non-peak hours.
  • Each sender is limited to 1,024 Safe Senders List entries, although most users won't reach this limit. The limit applies to the number of entries on an individual Safe Senders List, not to the length of the aggregate list.

About the author: Brien M. Posey, MCSE, is a four-time recipient of Microsoft's Most Valuable Professional Award for his work with Windows Server, Internet Information Server (IIS) and Exchange Server. Brien has served as CIO for a nationwide chain of hospitals and healthcare facilities, and was once a network administrator for Fort Knox. You can visit Brien's personal web site at www.brienposey.com.

Do you have comments on this tip? Let us know.

Please let others know how useful this tip was via the rating scale below. Do you know a helpful Exchange Server, Microsoft Outlook or SharePoint tip, timesaver or workaround? Email the editors to talk about writing for SearchExchange.com.

This was first published in March 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.