Exchange SP2 – Connection Filtering that actually works

by Bharat Suneja

I was excited to find out about Connection Filtering (screenshot) in Exchange 2003 – finally I could use RBLs (real-time block lists) without having to dabble with event sinks!! (This is from back in the days when RBLs were still sexy and could keep a good chunk of spam away from your users… )

Connection Filtering works with or without RBLs – you can also specifiy IP addresses manually in a Global Accept and Deny list.

However, in most enterprise environments Exchange does not perform the role of a smtp mail gateway to the Internet. That’s usually assigned to the “more capable and secure” Linux/Unix servers running MTAs like Sendmail or Postfix. So all inbound email delivered to your Exchange servers is from the IP addresses of your own trusted mail gateways. Unfortunately, this renders Exchange’s Connection Filtering useless!

Exchange Server 2003 SP2 changes that – it parses the headers of inbound email for the originating server’s IP address, enabling connection filtering on any inside Exchange server. Bottomline, no matter where you put your Exchange Server 2003 SP2 box, connection filtering will just work!

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: