Setup Anti-Malware and Anti-Spam in Exchange Server 2016
Updated On - 10 Apr 2020
Exchange Server receives a vast number of emails in business organizations, in addition to sending many emails outside the organization. And Exchange Administrator must secure its mail recipients from external threats like spamming, phishing, virus attacks, and hacking attempts. Microsoft has some inbuilt protection like anti-malware and anti-spam feature which you can configure to safeguard the data.
Anti-spam protection is a feature available in several transport agents like Content Filter Agent, Sender Filter Agent, Sender ID Agent, and Protocol Analysis agent. You need to manually enable them at mailbox server to activate anti-spam protection. NOTE: These agents are by default ‘Enabled’ on Edge Transport Servers.
Anti-malware protection was introduced with the Malware Agent since Exchange Server 2013 and is in ‘Enabled’ state by default on the Exchange Mailbox Servers. So, there is no need to enable it manually.
Let’s dig deep and learn how we can enable the anti-spam protection using various transport agents. But first, understand how they work and protect the data.
Anti-Spam agent for Mailbox Servers
In the typical condition, the Exchange Administrator needs to enable the anti-spam agents on Mailbox Servers when there is no Edge Transport server, or the organization does not have a robust anti-spam protection application. These agents have a priority value, and a lower value indicates a higher priority. Based on the default priority value, here is the order of agents in which they are applied to the messages of the mailbox –
Sender Filter Agent.
In compares the sender server to a list of servers domains which are blocked by your organization.
Sender ID Agent.
It checks the IP address of the sending Server. It also checks the Purported Responsible Address (PRA) to check whether the sending message is clean or not.
Content Filter Agent.
It provides a particular spam confidence level (SCL) to every message to check its legitimacy. It also saves a legitimate message from being recognized as spam messages.
Protocol Analysis Agent.
It checks and provides a sender reputation level to each sender who his sending the message. The sender reputation tells the Administrator about the type of incoming message and whether it is a spam or not.
Installing Anti-spam Agents on Mailbox Servers
You can install all these agents using an Exchange Management Shell script only and here is its whole procedure in a stepwise manner.
Start the Exchange Management Shell on Exchange Server and run the following script.
All these agents work on the mailbox server, and you need to install and configure them manually. But many administrators overlook the importance of anti-spam protection and face severe corruption issues in the Exchange. There is an in-built utility called ESEUTIL to repair the Exchange Server database using multiple switches, but they can further delete the corrupt data rather than recovering it.
Here comes the Kernel for Exchange Server Recovery software at your rescue. It is a specialized data recovery software which can handle any corruption from the Exchange database and bring all the data back to you. It also recovers the accidentally deleted messages and saves them at any desired destination.