Share via


Enable or Disable Connection Filtering

 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

The Connection Filter agent is an anti-spam agent that's enabled on computers that have the Microsoft Exchange Server 2010 Edge Transport server role installed.

When the Connection Filter agent and the associated connection filtering features are enabled on a computer, the Connection Filter agent filters all messages that come through all Receive connectors on that computer. Only messages that come from external sources are filtered. External sources are defined as non-authenticated sources. These are considered anonymous Internet sources.

The Connection Filter agent is an underlying transport agent that enables the following features:

  • IP Block list

  • IP Allow list

  • IP Block List providers

  • IP Allow List providers

Each of these features can be enabled or disabled separately.

For more information about how to configure the connection filtering features, see the following topics:

Looking for other management tasks related to anti-spam and antivirus features? Check out Managing Anti-Spam and Antivirus Features.

Note

By default, the connection filtering features are enabled on the Edge Transport server for inbound messages that come from the Internet but aren't authenticated. The Connection Filtering agent must be enabled for the connection filtering features to operate. By default, the Connection Filter agent is enabled on Edge Transport servers. To enable the Connection Filter agent, use the Enable-TransportAgent cmdlet. To disable the Connection Filter agent, use the Disable-TransportAgent cmdlet.

Prerequisites

Review Understanding Anti-Spam and Antivirus Functionality to understand the general strategy for configuring all anti-spam agents so that they work together efficiently for your organization.

Use the EMC to enable or disable connection filtering

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Anti-spam features" entry in the Transport Permissions topic.

  1. In the console tree, click Edge Transport.

  2. In the work pane, click the Anti-spam tab, and then select one of the following:

    • IP Allow List

    • IP Allow List Providers

    • IP Block List

    • IP Block List Providers

  3. In the action pane, click Enable or Disable as appropriate.

  4. Repeat the steps for each connection filtering data store that you want to enable or disable.

Use the Shell to enable or disable connection filtering

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Anti-spam features" entry in the Transport Permissions topic.

This example enables or disables the IP Allow list.

Set-IPAllowListConfig -Enabled <$true | $false>

This example enables or disables IP Allow List providers.

Set-IPAllowListProvider -Enabled <$true | $false>

This example enables or disables the IP Block list.

Set-IPBlockListConfig -Enabled <$true | $false>

This example enables or disables the IP Block List providers.

Set-IPBlockListProvider -Enabled <$true | $false>

For detailed syntax and parameter information, see the following topics:

 © 2010 Microsoft Corporation. All rights reserved.