When I installed Exchange Server 2003, I expected it to block some of the spam we've been getting, but it doesn't seem to be working. What can you tell me about Exchange 2003's spam filtering capabilities?

You can group Exchange 2003's spam-filtering features into three distinct categories:

  • Connection-control features let you specify which IP addresses or domains can (or can't) send mail to your users. When you specify an IP address or domain that should be allowed or blocked, Exchange 2003 shares that setting with all other Exchange 2003 servers in your organization. This feature is useful when you want to block messages from a known domain.
  • The DNS Real-Time Block List (RBL) feature lets you instruct the server to check all incoming connections against a list of IP addresses belonging to or used by known spammers. You can use a third-party RBL service such as the Distributed Server Boycott List (http://www.dsbl.org) or the Mail Abuse Prevention System (MAPS—http://www.mail-abuse.org), or you can create your own RBL on your local DNS server.
  • Sender-control features let you specify which senders the server should treat as spammers by using the Junk Senders list and which senders the server should treat as valid by using the Trusted Senders list. Exchange maintains these lists on a per-mailbox basis rather than a per-server basis so that individual users can control who's on their good and bad lists. Outlook 2003 and Outlook Web Access (OWA) 2003 can share these lists, which is handy for users who frequently switch between both mail clients.

Out of the box, Exchange 2003 doesn't check the content of inbound messages to determine whether they look like spam; for that, you must install and use a third-party product. However, Microsoft did extend the Exchange event sink interface to provide a new property called the Spam Confidence Level (SCL). Third-party filters set the SCL on messages according to whatever filtering methods they use; the Store can then use the SCL to determine whether to file a message in the Junk Mail folder or treat the message as appropriate mail.