Exchange Server Toolbox
Hello and welcome to our Knowledge Base. Our experts provide answers to the most frequently asked questions of our customers. Start your information search here to find your answer quickly and easily.
Please enter your query or select one of the above categories.
All entries (Page 1 / 2)
ClamAV does no longer update its signatures. Even starting freshclam.exe manually fails.
One source which may cause this problem are the ClamAV mirror servers. To solve the problem, please delete the following file:
The spam report contains:
"URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked."
URIBL provides public lookups over DNS for low volume usage. If you spam check a large amount of email, or you use a shared DNS platform for resolution, you may receive a response saying the query was refused. That said, Public DNS providers such as OpenDNS or Google Public DNS are effected due to the high volume of queries they generate, as are many other internet service providers (ISP) that use caching nameservers for their customer base.
To guarantee full functionality of SpamAssassin, forwarding should be implemented for the following domains:
See: http://www.jam-software.com/spamassassin_in_a_box/online_manual/EN/configuredns.html for more information.
Is there anyway I can get the documentation for your products to assess their capabilities without installing them?
I installed and noticed that some of the emails are not getting
tagged with "SPAM " in the subject. I did not turn off
Intelligent Message Filter on Exchange. Should I turn off
Intelligent Message Filter?
Also, what is the best way to a .eml back to the recipient if it is a false positive email? If I send it again it gets caught by the spam filter again.
The ExchangeServer Toolbox "works before" the IMF. So if you like to use IMF together with the Exchange Server Toolbox it 's ok. The SpamAssassin used by the Exchange Server Toolbox adds mail headers to every scanned mail and the spam report to the event log . So if you have false positives you should have a look at the mail header or in the log of the Exchange Server Toolbox which SpamAssassin spam rules matched on that mail and should train the bayes filter. Eml files from the backup can easily be "send" to the Exchange Server again by using the Exchange Server Pickup folder. Where you can find the pickup folder depends on the Exchange Server version you use and its configuration.See: Microsoft Technet
How can I update ClamAV myself?
You may update the dlls and exe files (C:\Programs\Common Files\JAM Software\ClamAV) of ClamAV your self by getting them from the ClamWin (http://www.clamwin.com/ ) project. But we do not give any support for this. It may cause no virus to be detected or any mail/file be detected as virus. We once had this situation when ClamWin changed some interfaces which did not result in error, just in such a strange behavior.
Hint: The virus signature files used by ClamAV are updated automatically at least every 3 hours.
How do I setup Exchange server toolbox to use blocklists?
The integrated SpamAssassin does automatically use RBL 's.You can see this by having a look at the mail header of a spam mail scanned by the Exchange Server Toolbox:
* 0.9 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
* -2.0 AWL AWL: From: address is inthe auto white-list
The ExchangeServer Toolbox for Exchange Server 2003 does not allow to block/refuse mails, so mails can only be tagged, saved to HD, redirected to another mail address etc.. But the Exchange Server Toolbox for Exchange Server 2007 and newer can do this.
Is it possible to alter the standard SpamAssassin rules? So i can weigh a rule with less, or more points.Is there a way to update SpamAssassin or ClamAV, or is this happening automatically?
Yes, you can adjust the SpamAssassin rules as you like.
You can use the build in custom SpamAssassin config file editor which you can find under Spam Options to create a .cf-file suited to your needs.
For further references see:
Alternatively you can create a .cf-file manually and store it together with all the other .cf-files.
We recommend to use the letter "X" as prefix for the name of your CF-file (like"XMyRules.cf").
SpamAssassin as well as ClamAVdoes already update its rules / virus signatures every 3 hours automatically.
I’m quite satisfied with the spam recognition provided by the Exchange Server Toolbox. Nevertheless I have to accept every spam mail for recognition an training purposes – which creates some traffic, given the huge amount of spam floating around. Wouldn’t it be better, if we could use grey listing in the Toolbox?
Grey listing seems to work on first glance, but actually it’s efficiency is declining. On one hand, many spammer have adapted, esp. spam bots can circumvent grey listing by multiple delivery attempts. On the other hand will grey listing increase the traffic, enlarge delivery times and cut down delivery dependency. So, most experts advice on NOT using grey listing, because it produces more trouble than it prevents. Best way for disburdening the internet from spam is to throw it away after acception.
Can I create my own SpamAssassin rules, and where can I store them?
Yes, you can use the build in custom SpamAssassin config file editor which you can find under Spam Options to create a .cf-file suited to your needs.
For further references see:
Alternatively you can create a .cf-file manually and store it together with all the other .cf-files. Because SpamAssassinprocesses the .cf-files in alphabetical order, you should call your own.cf-file in a way, that it will be processed last (e.g. use x, y, z as firstletter of your file’s name : XMySettings.cf).
Can I set my own scores for Spam recognition?
Yes, you can. Place your own score best in local.cf, so they will overwritethe default values.
Will the rules of the Exchange Server Toolbox be evaluated, before the Exchange Server lets a message bounce, because of a non-existing addressee?
Yes, the Exchange Server Toolbox takes action right after SMTP receiving.
Can I install the administration interface of the Exchange Server Toolbox on any client in the network, or just on the Exchange Server machine?
Sorry, the administration interface will work only on the Exchange Server machine.