Thursday, December 3, 2009

Content Filtering Agent and Safe list Aggregation

Have you ever received a legitimate e-mail in your junk folder before?
I'm sure yes , and Probably you have added it to the safe sender list in order to get future e-mails from that sender in the inbox instead of the junk,

Select Tools > Option > References > Junk E-mail

You can find that there is more to adjust
  1. You can trust your contacts by checking the “Also trust e-mail from my Contacts” check box, which is checked by default,
  2. You can trust recipients you are mailing to by checking the “Automatically add people I e-mail to the Safe Sender List” check box.
Note: This data is stored in your mailbox with the limit of 3,072 unique entries in Microsoft Exchange Server 2007 Service Pack 1.

Well, this will work fine as long as the e-mail SCL “Spam Confidence Level “ didn’t reach the quarantine, reject or delete level according to your content filtering agent action section prosperities,

So is there any magical way to allow my content filter agent to see my safe sender list so it won’t process mail from that list and I’ll have all my legitimate mails?

Actually there is away, by running the Update-Safelist command from your mailbox server role on the required mailboxes you will add a replica from the safe sender list which exists on your mailbox to active directory database which will be replicated again using the edge sync to the Active Directory Application Mode (ADAM) instance on the Edge Transport server,

How to update my whole environment safe list?

you can copy the following script to a bat file and save it to your desired directory for instance the D:\
":\Windows\System32\WindowsPowershell\v1.0\powershell.exe" -psconsolefile "d:\Program Files\Microsoft\Exchange Server\v14\bin\exshell.psc1" -command "get-mailbox
where {$_.RecipientType -eq [Microsoft.Exchange.Data.Directory.Recipient.RecipientType]::UserMailbox }

Also you can schedule this to run at your desired time for instance every Friday at 10:00 pm using the following
at 22:00 /every: F cmd /c "D:\SafeList.bat"

How to verify that Update-Safelist is working fine?

you can do so by checking any user account using Active Directory Service Interfaces (ADSI) Edit snap-in and finding the value set for the msExchSafeSendersHash attribute , if it was such as 0xac 0xbd 0x03 0xca, is present on the attribute, the user object was updated. If the attribute has a value of , the attribute was not updated

Safe list Aggregation benefits:

  1. Increasing the privacy of your mail environment as you will limit the number of quarantined emails which can be exposed by the exchange administrator or spam account administrator
  2. Decreasing the number of quarantined, rejected and deleted legitimate mails
  3. Increasing performance by excluding the time consumed by the content filtering to process the legitimate emails

Safelist Aggregation does and don’ts:


  1. Plan well for the Safelist Aggregation as by doing so you will add a considerable amount of data to your active directory to be replicated,
  2. Communicate this with your Active Directory administrator so both of you can come up with a good plan and schedule for the Update-Safelist command,
  3. Educate your users not to add senders domains to the sender safe list and only to add senders addresses,
  1.  Don’t use the Update-Safelist command with the Type parameter set to the SafeRecipients or Both values as this will add unnecessary data to your active directory which is the safe recipient list which won’t be processed by your content filtering agent by any mean and just run the Update-Safelist with the default Type parameter which is SafeSenders,
  2. Don’t run the Update-Safelist command during your working hours unless you will run it to very limited number of users.
Time for Microsoft talk

Safelist Aggregation Exchange 2007 Help
How to Configure Safelist Aggregation Exchange 2007 Help

See you soon , Hany Donia