How to Enable Connection Filtering
Microsoft Exchange Server 2007 will reach end of support on April 11, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.
Applies to: Exchange Server 2007, Exchange Server 2007 SP1, Exchange Server 2007 SP2, Exchange Server 2007 SP3
This topic explains how to use the Exchange Management Console or the Exchange Management Shell to enable or disable connection filtering. The Connection Filter agent is an anti-spam agent that is enabled on computers that have the Microsoft Exchange Server 2007 Edge Transport server role installed.
When the Connection Filter agent and the associated connection filtering features are enabled on a computer, the Connection Filter agent filters all messages that come through all Receive connectors on that computer. Only messages that come from external sources are filtered. External sources are defined as non-authenticated sources. These are considered anonymous Internet sources.
The Connection Filter agent is an underlying transport agent that enables the following features:
IP Block list
IP Allow list
IP Block List providers
IP Allow List providers
Each of these features can be enabled or disabled separately.
For more information about how to configure the connection filtering features, see the following topics:
Note
By default, the Connection Filter agent is not enabled on the Hub Transport server. For more information about running the Connection Filter agent on the Hub Transport server, see How to Enable Anti-Spam Functionality on a Hub Transport Server.
Before You Begin
To perform the following procedures on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.
Also, before you perform these procedures, confirm the following:
You have reviewed Anti-Spam and Antivirus Functionality to understand the general strategy for configuring all anti-spam agents so that they work together efficiently for your organization.
You have read Configuring Connection Filtering.
Procedure
By default, the connection filtering features are enabled on the Edge Transport server for inbound messages that come from the Internet but are not authenticated. As noted above, the Connection Filtering agent must be enabled for the connection filtering features to operate. By default, the Connection Filter agent is enabled on Edge Transport servers. To enable the Connection Filter agent, use the Enable-TransportAgent cmdlet; to disable the Connection Filter agent, use the Disable-TransportAgent cmdlet,
To use the Exchange Management Console to enable or disable connection filtering features
In the Exchange Management Console, click Edge Transport.
In the work pane, click the Anti-spam tab, and then select one of the following:
IP Allow List
IP Allow List Providers
IP Block List
IP Block List Providers
In the action pane, click Enable or Disable as appropriate.
Repeat the steps for each connection filtering data store that you want to enable or disable.
To use the Exchange Management Shell to enable or disable connection filtering features
To enable or disable the IP Allow list, run the following command:
Set-IPAllowListConfig -Enabled <$true | $false>To enable or disable IP Allow List providers, run the following command:
Set-IPAllowListProvider -Enabled <$true | $false>To enable or disable the IP Block list, run the following command:
Set-IPBlockListConfig -Enabled <$true | $false>To enable or disable the IP Block list, run the following command:
Set-IPBlockListProvider -Enabled <$true | $false>
For detailed syntax and parameter information, see the following topics:
For More Information
For more information about how to configure connection filtering, see the following topics: