Add-IPBlockListProvider (RTM)

Article
01/23/2017

Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

Applies to: Exchange Server 2007

Use the Add-IPBlockListProvider cmdlet to create a new IP Block List provider configuration on the computer that has the Edge Transport server role or the Hub Transport server role installed.

Syntax

Add-IPBlockListProvider -Name <String> -LookupDomain <SmtpDomain> [-AnyMatch <$true | $false>] [-BitmaskMatch <IPAddress>] [-DomainController <Fqdn>] [-Enabled <$true | $false>] [-IPAddressesMatch <MultiValuedProperty>] [-Priority <Int32>] [-RejectionResponse <AsciiString>] [-TemplateInstance <PSObject>]

Detailed Description

The IP Block List provider configuration is used by the Connection Filter agent.

The Name parameter and the LookupDomain parameter are required. If you do not pass the required parameters, the Exchange Management Shell prompts you for them.

To run the Add-IPBlockListProvider cmdlet, the account you use must be delegated the following:

Exchange Server Administrator role and local Administrators group for the target server

To run the Add-IPBlockListProvider cmdlet on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Parameters

Parameter	Required	Type	Description
LookupDomain	Required	Microsoft.Exchange.Data.SmtpDomain	The domain name that the Connection Filter agent queries for updated IP Block List data
Name	Required	System.String	The name of the IP Block List provider service
AnyMatch	Optional	System.Boolean	Valid input for the Enabled parameter is `$true` or `$false`. The default setting is `$false`. When the AnyMatch parameter is set to `$true`, the Connection Filter agent treats any IP Address status code that is returned by the IP Block List provider service as a match.
BitmaskMatch	Optional	System.Net.IPAddress	When you configure the BitmaskMatch parameter to use an IP address, the Connection Filter agent acts only on messages that match the IP Address status code that is returned by the IP Block List provider service.
DomainController	Optional	Microsoft.Exchange.Data.Fqdn	To specify the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory directory service, include the DomainController parameter on the command. The DomainController parameter is not supported on computers that have the Edge Transport server role installed. The Edge Transport server role writes only to the local ADAM instance.
Enabled	Optional	System.Boolean	Valid input for the Enabled parameter is `$true` or `$false`. The default setting is `$true`. When the Enabled parameter is set to `$true`, the Connection Filter agent queries the IP Block List provider service according to the priority that is set for this IP Block List provider configuration.
IPAddressesMatch	Optional	Microsoft.Exchange.Data.MultiValuedProperty	When the IPAddressesMatch parameter is configured to use an IP Address, the Connection Filter agent acts only on messages that match the same IP Address status code that is returned by the IP Block List provider service.
Priority	Optional	System.Int32	Set the Priority parameter to configure the order that the Connection Filter agent queries the IP Block List provider services that you have configured. By default, every time that you add a new IP Block List provider, the entry is assigned a priority of N+1, where N is the number of IP Block List provider services that you have configured. If you set the Priority parameter to a value that is the same as another IP Block List provider service, the priority of the IP Block List provider that you add first is incremented by 1.
RejectionResponse	Optional	Microsoft.Exchange.Data.AsciiString	The RejectionResponse parameter takes a string. Enter the message body that you want delivered in the SMTP session to senders whose messages are blocked by the Connection Filter agent when an IP Block List provider service matches the sender's IP address. We recommend that you specify the IP Block List provider service in the response so that legitimate senders can contact the IP Block List provider service. The argument cannot exceed 240 characters. When you pass an argument, you must enclose the RejectionResponse parameter in double quotation marks if the phrase contains spaces as follows, for example: `"Originating IP addressed matched to Example.com's IP Block List provider service"`.
TemplateInstance	Optional	System.Management.Automation.PSObject	When an existing object is supplied to this parameter, the command uses that object's configuration to create an exact duplicate of the object on a local or target server.

Input Types

Return Types

Errors

Error	Description

Example

The first code example shows an Add-IPBlockListProvider command that has the required parameters. It also shows how to add a new IP Block List provider and set a rejection response.

The second code example shows an Add-IPBlockListProvider command that has the required parameters and shows how to configure a bitmask return value from the provider.

Add-IPBlockListProvider -Name:Example -LookupDomain:Example.com -RejectionResponse "Originating IP addressed matched to Example.com's IP Block List provider service"
Add-IPBlockListProvider -Name:Example -LookupDomain:Example.com -BitmaskMatch 127.1.0.1

Share via