Freeware blacklist extension for Exchange

Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Exchange or Outlook tip, timesaver or workaround to share? Submit it to our tip contest and you could win

    Requires Free Membership to View

a prize.

While Exchange 2003 does have built-in support for realtime blacklists (RBLs), third-party applications are available that can extend that functionality to make it more versatile and useful.

One that has been around for a while is Martijn Jongen's Open Relay Filter, now in its 5.0.2 revision. ORFilter (as it's abbreviated by the author) is free, but donations to the author are encouraged. It works on Exchange Server 2000 or 2003 and Windows 2000 Server or higher.

Open Relay Filter supports several types of blacklists -- conventional DNS blacklists, such as ordb.org and spamcop.net, and a relatively new variety of blacklist known as SURBL – spam URI realtime blocklists (surbl.org).

SURBL blacklists maintain lists of URLs mentioned in spam e-mails -- any e-mail that contains a link to a blacklisted URL is strongly considered to be spam unless it's whitelisted in some fashion.

ORFilter also supports filtering by custom word lists. And, internal IP/SMTP blacklists/whitelists -- mail from specific SMTP servers, not just machines or e-mail addresses -- can be flagged as good.

When ORFilter flags a message, it adds a custom X-ORFilter header to the message to describe why it was bounced (keywords, blocked address, etc.). Each specific spam "symptom" is assigned a score value, and messages that exceed a given score threshold are marked as spam. The flagged e-mail can be deleted on the spot, rejected while still in SMTP processing, or admitted with a changed subject line or spam-relevant message headers.

Finally, all of Open Relay Filter's activity can be logged; if a message is rejected, the log will describe it in detail. A user doesn't have to track down the message itself and read the headers to find out why it bounced.

About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter and a regular contributor to SearchExchange.com.

Do you have comments on this tip? Let us know.
Related information from SearchExchange.com:

  • On-Demand Webcast: Inside the secret world of spammers (Speaker: Spammer-X, author of Inside the Spam Cartel)
  • Malware Learning Guide: Spam, spyware and viruses
  • Geek Speak Quiz: Inside the spammer's lair
  • Chapter Download: Would the real sender please stand up?
  • Topics Library: Spam prevention and management tips and expert advice

    This was first published in May 2005

  • There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.