I’ve been participating in the Garage Series shows with host Jeremy Chapman. Most shows are recorded live at Microsoft events such as TechEd, TechReady (an internal Microsoft technical event), Microsoft Exchange Conference (MEC) and Microsoft SharePoint Conference, on the road (some recent ones have been in Prague and Hong Kong). You can find the shows on Office Blogs – the YouTube videos are embedded in blog posts. The show has a trivia question in the beginning. If you’re attending the show live, you can win prizes for answering the trivia question.
In this week’s Garage Series show, Jeremy and I talk about the top new features in Exchange 2013 SP1.
If you’re attending TechEd North America 2014 in Houston, TX, next week, catch a Garage Series show for some quick infobytes and answer the trivia question for a chance to win some cool prizes. The full schedule for Garage Series at TechEd 2014 is at the end of this post.
Exchange 2003 and later have included Connection Filtering in its repertoire of built-in anitspam tools. In Exchange 2007 and Exchange 2010, this is implemented using the Connection Filtering agent, a transport agent. Connection Filtering agent offers the following functionality:
- IP Allow List and IP Block List: Static lists of IP addresses you can populate to accept or block messages from a particular host (or specifically, a particular IP address)
- IP Allow List Provider and IP Block List Provider.: The DNS-based variants of allow and block lists; the latter allows you to use RBLs/DNSBLs.
For more details, see Understanding Connection Filtering.
In Exchange 2010 & Exchange 2007, if you don’t have an Edge Transport server – the server role designed to be a mail host in perimeter networks or DMZs, you can install antispam agents on your Hub Transport servers.
Exchange 2013 did not include an Edge Transport server role at RTM and does not have the Hub Transport server role. Exchange 2013 does include antispam agents and you can install anti-spam agents on Exchange 2013 Mailbox servers using the installantispamagents.ps1 script in the default \Scripts directory – but it doesn’t install the Connection Filtering Agent.
What happened to the Connection Filtering Agent? The What’s Discontinued in Exchange 2013 article in Exchange 2013 documenation says:
Anti-spam and anti-malware
||Comments and mitigation
|Anti-spam agent management in the EMC
||In Exchange 2010, when you enabled the anti-spam agents on the Hub Transport server, you could manage the anti-spam agents in the Exchange Management Console (EMC). In Exchange 2013, when you enable the anti-spam agents in the Transport service on a Mailbox server, you can’t manage the agents in the Exchange admin center (EAC). You can only use the Exchange Management Shell. For information about how to enable the anti-spam agents on a Mailbox server, see Enable Anti-Spam Functionality on a Mailbox Server.
|Connection Filtering agent on Hub Transport servers
||In Exchange 2010, when you enabled the anti-spam agents on a Hub Transport server, the Attachment Filter agent was the only anti-spam agent that wasn’t available. In Exchange 2013, when you enable the anti-spam agents in the Transport service on a Mailbox server, the Attachment Filter agent and the Connection Filtering agent aren’t available. The Connection Filtering agent provides IP Allow List and IP Block List capabilities. For information about how to enable the anti-spam agents on a Mailbox server, see Enable Anti-Spam Functionality on a Mailbox Server.
In other words, Connection Filtering agent is only available on the Edge Transport server role. Exchange 2013 does not have an Edge Transport server role yet.
If you want to implement Connection Filtering functionality, including RBL/DNSBL support that many organizations find invaluable, here are the options:
- Use a down-level (Exchange 2010/2007) Edge Transport server, which includes Connection Filtering agent.
- Use Microsoft Exchange Online Protection (EOP), an Exchange Online antispam/antimalware service.
You can use Exchange Online Protection (EOP) service with your on-premises Exchange severs. If you have Exchange 2013 Enterprise CAL with Services, it includes EOP service. More info in Exchange Enterprise CAL with Services features in Exchange Online Protection Overview.
- Use a third-party antispam product or service that offers this functionality.