Microsoft has released its latest version of Exchange server i.e. Exchange Server 2016 with a lot of technological and innovative changes in it. Most of the Users are very much excited working with this newest release, because of its new features such as better searching capabilities, Improved emailing features and Outlook web app, cloud approach and the better security. These features help users in their business development.
It is better to take the prevention instead of finding for the solution once the problem occurs. Because there are so many spammers and malicious senders who use a variety of techniques to send spams or unwanted mails in to your organization. Sometimes, it is very difficult for a single tool to eliminate it. However, Exchange server 2016 provides built in anti-spam features that protects your organization from malwares and spams. It has a multi layered approach that reduces the unwanted messages.
Mailbox server and Edge Transport server of Exchange have a significant role in anti-spam protection.
Anti-spam agents on Mailbox Servers
Mailbox server contains transport services, that helps in routing the mails. You have to enable anti-spam agents on mailbox servers only if the Edge transport server is not present in your organization. Each anti-spam agent is provided with a priority value. An anti-spam agent with a highest priority value takes the action on a message before the lower priority value. Highest priority value is always lowest value.
The SMTP event which is present in the transport pipeline, where all the anti-spam agents are registered and also helps in determining the order of the messages on which the agents should take the actions.
Order of the anti-spam agents that are applied to the messages on mailbox servers
- Sender filter agent: Compares the sending server with a list of sender domains which is already exists, to check, whether this sending server has the permission to communicate with your organization.
- Sender ID agent: Sender ID relies on the IP address and the Purported Responsible Address (PRA) of the Sender to determine whether the sender email address is spoofed or not.
- Content filter agent: This agent assigns a Spam Confidence Level (SCL) to each of the messages based on the legitimate and spam messages.
- Protocol Analysis agent: Provides the Sender Reputation to calculate the Sender Reputation level for incoming messages, that determines the actions to take on those messages.
Anti-Spam agents on Edge Transport Servers
Edge Transport server provides Internet mail flow, antispam, and mail flow rules for your Exchange Server 2016 organization. Anti-spam agents on Edge Transport Servers work together to provide different layers of spam filtering and protection. It establishes tar pitting intervals on connectors that prevents Email harvesting attempts.
If your organization has Edge Transport server installed in your perimeter network,then all the anti-spam agents of the mailbox servers are installed and enabled by default, in the Edge Transport Server.
Anti-spam agents that are available in the Edge Transport Servers.
- Connection filtering agent: Before starting any communication, there must be a connection established between sender and the receiver by using the IP address. Connection filtering agent uses IP block list, IP allow list, IP block list provider and IP allow list provider. It helps to determine whether the connection should be allowed or blocked, when the connection request is received from the sender.
- Recipient filtering agent: It uses recipient block list to determine whether the message is allowed to enter your organization or not.
- Attachment filtering agent: Based on the file name, extension and the MIME content type, this agent blocks the messages or the attachments.
Order of the anti-spam agents that are applied to the messages on Edge Transport Servers
- Connection filtering agent
- Sender filtering agent
- Recipient filtering agent
- Sender ID agent
- Content filter agent
- Protocol analysis agent
- Attachment filtering agent