Exchange Edge Default Settings
Ich installiere in der Regel keinen Edge Server, da aus meiner Sicht die AntiSpam und AntiVirus-Funktion nicht zeitgemäß sind. Es gibt hier viele leistungsfähigere Produkte, von denen NoSpamProxy eine Lösung darstellen kann. Microsoft positioniert den Edge Server anscheinend auch nicht mehr als Lösung sondern fördert eher den Einsatz von Exchange Online Protection (Cloud/Office 365) in Verbindung mit Exchange Online oder auch Exchange OnPrem. Wer hier dann den Exchange Server nicht "aus dem Internet" erreichbar machen will, kann den Exchange Edge-Server als Relay einbauen. Ich habe hier einmal die "Default Einstellungen eines Exchange 2016 Edge Server als Referenz dokumentiert. Ich nutze Sie gerne zum Nachschlagen, wenn Einstellungen bei Kunden unterschiedlich und die Defaults nicht bekannt sind.
Achtung: Auf den Edge-Servern sind die verschiedenen Transport-Agenten zur Filterung von Mails (SenderID, SPF, Content, Attachment etc.) per Deffault aktiv.
Edge: Get-TransportConfig
Folgende Einstellungen sind auf dem Edge Server Transporteinstellungen als Standard konfiguriert.
[PS] C:\>Get-TransportConfig AddressBookPolicyRoutingEnabled : False AnonymousSenderToRecipientRatePerHour : 1800 ClearCategories : True ConvertDisclaimerWrapperToEml : False DSNConversionMode : PreserveDSNBody JournalArchivingEnabled : False ExternalDelayDsnEnabled : True ExternalDsnDefaultLanguage : ExternalDsnLanguageDetectionEnabled : True ExternalDsnMaxMessageAttachSize : 10 MB (10,485,760 bytes) ExternalDsnReportingAuthority : ExternalDsnSendHtml : True ExternalPostmasterAddress : GenerateCopyOfDSNFor : {} HygieneSuite : Standard InternalDelayDsnEnabled : True InternalDsnDefaultLanguage : InternalDsnLanguageDetectionEnabled : True InternalDsnMaxMessageAttachSize : 10 MB (10,485,760 bytes) InternalDsnReportingAuthority : InternalDsnSendHtml : True InternalSMTPServers : {} JournalingReportNdrTo : <> LegacyJournalingMigrationEnabled : False LegacyArchiveJournalingEnabled : False LegacyArchiveLiveJournalingEnabled : False RedirectUnprovisionedUserMessagesForLegacyArchiveJournaling : False RedirectDLMessagesForLegacyArchiveJournaling : False MaxDumpsterSizePerDatabase : 18 MB (18,874,368 bytes) MaxDumpsterTime : 7.00:00:00 MaxReceiveSize : Unlimited MaxRecipientEnvelopeLimit : Unlimited MaxRetriesForLocalSiteShadow : 2 MaxRetriesForRemoteSiteShadow : 4 MaxSendSize : 10 MB (10,485,760 bytes) MigrationEnabled : False OpenDomainRoutingEnabled : False RejectMessageOnShadowFailure : False Rfc2231EncodingEnabled : False SafetyNetHoldTime : 00:10:00 ShadowHeartbeatFrequency : 00:02:00 ShadowMessageAutoDiscardInterval : 2.00:00:00 ShadowMessagePreferenceSetting : PreferRemote ShadowRedundancyEnabled : True ShadowResubmitTimeSpan : 03:00:00 SupervisionTags : TLSReceiveDomainSecureList : {} TLSSendDomainSecureList : {} VerifySecureSubmitEnabled : False VoicemailJournalingEnabled : True HeaderPromotionModeSetting : NoCreate Xexch50Enabled : True
Edge: Get-TransportService
Der Transport Service selbst hat folgende Einstellungen:
[PS] C:\>Get-TransportService Name : edge01 AntispamAgentsEnabled : True ConnectivityLogEnabled : True ConnectivityLogMaxAge : 30.00:00:00 ConnectivityLogMaxDirectorySize : 1000 MB (1,048,576,000 bytes) ConnectivityLogMaxFileSize : 10 MB (10,485,760 bytes) ConnectivityLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\Connectivity DelayNotificationTimeout : 04:00:00 ExternalDNSAdapterEnabled : True ExternalDNSAdapterGuid : 00000000-0000-0000-0000-000000000000 ExternalDNSProtocolOption : Any ExternalDNSServers : {} ExternalIPAddress : InternalDNSAdapterEnabled : True InternalDNSAdapterGuid : 00000000-0000-0000-0000-000000000000 InternalDNSProtocolOption : Any InternalDNSServers : {} MaxConcurrentMailboxDeliveries : 20 MaxConcurrentMailboxSubmissions : 20 MaxConnectionRatePerMinute : 1200 MaxOutboundConnections : 1000 MaxPerDomainOutboundConnections : 20 MessageExpirationTimeout : 2.00:00:00 MessageRetryInterval : 00:15:00 MessageTrackingLogEnabled : True MessageTrackingLogMaxAge : 30.00:00:00 MessageTrackingLogMaxDirectorySize : 1000 MB (1,048,576,000 bytes) MessageTrackingLogMaxFileSize : 10 MB (10,485,760 bytes) MessageTrackingLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\MessageTracking IrmLogEnabled : True IrmLogMaxAge : 30.00:00:00 IrmLogMaxDirectorySize : 250 MB (262,144,000 bytes) IrmLogMaxFileSize : 10 MB (10,485,760 bytes) IrmLogPath : C:\Program Files\Microsoft\Exchange Server\V15\Logging\IRMLogs ActiveUserStatisticsLogMaxAge : 30.00:00:00 ActiveUserStatisticsLogMaxDirectorySize : 250 MB (262,144,000 bytes) ActiveUserStatisticsLogMaxFileSize : 10 MB (10,485,760 bytes) ActiveUserStatisticsLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\ActiveUsersStats ServerStatisticsLogMaxAge : 30.00:00:00 ServerStatisticsLogMaxDirectorySize : 250 MB (262,144,000 bytes) ServerStatisticsLogMaxFileSize : 10 MB (10,485,760 bytes) ServerStatisticsLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\ServerStats MessageTrackingLogSubjectLoggingEnabled : True OutboundConnectionFailureRetryInterval : 00:30:00 IntraOrgConnectorProtocolLoggingLevel : None PickupDirectoryMaxHeaderSize : 64 KB (65,536 bytes) PickupDirectoryMaxMessagesPerMinute : 100 PickupDirectoryMaxRecipientsPerMessage : 100 PickupDirectoryPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Pickup PipelineTracingEnabled : False ContentConversionTracingEnabled : False PipelineTracingPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\PipelineTracing PipelineTracingSenderAddress : PoisonMessageDetectionEnabled : True PoisonThreshold : 2 QueueMaxIdleTime : 00:03:00 ReceiveProtocolLogMaxAge : 30.00:00:00 ReceiveProtocolLogMaxDirectorySize : 250 MB (262,144,000 bytes) ReceiveProtocolLogMaxFileSize : 10 MB (10,485,760 bytes) ReceiveProtocolLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\ProtocolLog\SmtpReceive RecipientValidationCacheEnabled : True ReplayDirectoryPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Replay RootDropDirectoryPath : RoutingTableLogMaxAge : 7.00:00:00 RoutingTableLogMaxDirectorySize : 50 MB (52,428,800 bytes) RoutingTableLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\Routing SendProtocolLogMaxAge : 30.00:00:00 SendProtocolLogMaxDirectorySize : 250 MB (262,144,000 bytes) SendProtocolLogMaxFileSize : 10 MB (10,485,760 bytes) SendProtocolLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\ProtocolLog\SmtpSend TransientFailureRetryCount : 6 TransientFailureRetryInterval : 00:10:00 AntispamUpdatesEnabled : False InternalTransportCertificateThumbprint : xxxxxxxx TransportSyncEnabled : False TransportSyncPopEnabled : False WindowsLiveHotmailTransportSyncEnabled : False TransportSyncExchangeEnabled : False TransportSyncImapEnabled : False MaxNumberOfTransportSyncAttempts : 3 MaxActiveTransportSyncJobsPerProcessor : 16 HttpTransportSyncProxyServer : HttpProtocolLogEnabled : False HttpProtocolLogFilePath : HttpProtocolLogMaxAge : 7.00:00:00 HttpProtocolLogMaxDirectorySize : 250 MB (262,144,000 bytes) HttpProtocolLogMaxFileSize : 10 MB (10,485,760 bytes) HttpProtocolLogLoggingLevel : None TransportSyncLogEnabled : False TransportSyncLogFilePath : TransportSyncLogLoggingLevel : None TransportSyncLogMaxAge : 30.00:00:00 TransportSyncLogMaxDirectorySize : 10 GB (10,737,418,240 bytes) TransportSyncLogMaxFileSize : 10 MB (10,485,760 bytes) TransportSyncHubHealthLogEnabled : False TransportSyncHubHealthLogFilePath : TransportSyncHubHealthLogMaxAge : 30.00:00:00 TransportSyncHubHealthLogMaxDirectorySize : 10 GB (10,737,418,240 bytes) TransportSyncHubHealthLogMaxFileSize : 10 MB (10,485,760 bytes) TransportSyncAccountsPoisonDetectionEnabled : False TransportSyncAccountsPoisonAccountThreshold : 2 TransportSyncAccountsPoisonItemThreshold : 2 TransportSyncAccountsSuccessivePoisonItemThreshold : 3 TransportSyncRemoteConnectionTimeout : 00:01:40 TransportSyncMaxDownloadSizePerItem : 36 MB (37,748,736 bytes) TransportSyncMaxDownloadSizePerConnection : 50 MB (52,428,800 bytes) TransportSyncMaxDownloadItemsPerConnection : 1000 UseDowngradedExchangeServerAuth : False IntraOrgConnectorSmtpMaxMessagesPerConnection : 20 TransportSyncLinkedInEnabled : False TransportSyncFacebookEnabled : False QueueLogMaxAge : 7.00:00:00 LatencyLogMaxAge : 7.00:00:00 GeneralLogMaxAge : 7.00:00:00 QueueLogMaxDirectorySize : 200 MB (209,715,200 bytes) LatencyLogMaxDirectorySize : 200 MB (209,715,200 bytes) GeneralLogMaxDirectorySize : 200 MB (209,715,200 bytes) QueueLogMaxFileSize : 10 MB (10,485,760 bytes) LatencyLogMaxFileSize : 10 MB (10,485,760 bytes) GeneralLogMaxFileSize : 10 MB (10,485,760 bytes) QueueLogPath : LatencyLogPath : GeneralLogPath : WlmLogMaxAge : 7.00:00:00 WlmLogMaxDirectorySize : 250 MB (262,144,000 bytes) WlmLogMaxFileSize : 10 MB (10,485,760 bytes) WlmLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\WLM AgentLogMaxAge : 7.00:00:00 AgentLogMaxDirectorySize : 250 MB (262,144,000 bytes) AgentLogMaxFileSize : 10 MB (10,485,760 bytes) AgentLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\AgentLog AgentLogEnabled : True FlowControlLogMaxAge : 7.00:00:00 FlowControlLogMaxDirectorySize : 200 MB (209,715,200 bytes) FlowControlLogMaxFileSize : 10 MB (10,485,760 bytes) FlowControlLogPath : FlowControlLogEnabled : True ProcessingSchedulerLogMaxAge : 7.00:00:00 ProcessingSchedulerLogMaxDirectorySize : 200 MB (209,715,200 bytes) ProcessingSchedulerLogMaxFileSize : 10 MB (10,485,760 bytes) ProcessingSchedulerLogPath : ProcessingSchedulerLogEnabled : True ResourceLogMaxAge : 7.00:00:00 ResourceLogMaxDirectorySize : 200 MB (209,715,200 bytes) ResourceLogMaxFileSize : 10 MB (10,485,760 bytes) ResourceLogPath : ResourceLogEnabled : True DnsLogMaxAge : 7.00:00:00 DnsLogMaxDirectorySize : 100 MB (104,857,600 bytes) DnsLogMaxFileSize : 10 MB (10,485,760 bytes) DnsLogPath : DnsLogEnabled : False JournalLogMaxAge : 7.00:00:00 JournalLogMaxDirectorySize : 200 MB (209,715,200 bytes) JournalLogMaxFileSize : 10 MB (10,485,760 bytes) JournalLogPath : JournalLogEnabled : True TransportMaintenanceLogMaxAge : 7.00:00:00 TransportMaintenanceLogMaxDirectorySize : 200 MB (209,715,200 bytes) TransportMaintenanceLogMaxFileSize : 10 MB (10,485,760 bytes) TransportMaintenanceLogPath : TransportMaintenanceLogEnabled : True TransportHttpLogMaxAge : 7.00:00:00 TransportHttpLogMaxDirectorySize : 250 MB (262,144,000 bytes) TransportHttpLogMaxFileSize : 10 MB (10,485,760 bytes) TransportHttpLogPath : C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Edge\TransportHttp TransportHttpLogEnabled : True RequestBrokerLogMaxAge : 7.00:00:00 RequestBrokerLogMaxDirectorySize : 200 MB (209,715,200 bytes) RequestBrokerLogMaxFileSize : 10 MB (10,485,760 bytes) RequestBrokerLogPath : RequestBrokerLogEnabled : True StorageRESTLogMaxAge : 7.00:00:00 StorageRESTLogMaxDirectorySize : 200 MB (209,715,200 bytes) StorageRESTLogMaxFileSize : 10 MB (10,485,760 bytes) StorageRESTLogPath : StorageRESTLogEnabled : True AgentGrayExceptionLogEnabled : True AgentGrayExceptionLogMaxAge : 7.00:00:00 AgentGrayExceptionLogMaxDirectorySize : 200 MB (209,715,200 bytes) AgentGrayExceptionLogMaxFileSize : 10 MB (10,485,760 bytes) AgentGrayExceptionLogPath : Identity : comgtexedge01 IsValid : True ExchangeVersion : 0.1 (8.0.535.0) DistinguishedName : CN=comgtexedge01,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,CN={GUID} Guid : 09156182-cd2e-4556-924f-3c97cea15967 ObjectCategory : CN=ms-Exch-Exchange-Server,CN=Schema,CN=Configuration,CN={GUID} ObjectClass : {top, server, msExchExchangeServer} OrganizationId : Id : comgtexedge01 OriginatingServer : localhost ObjectState : Unchanged
Edge: Receive Connector
Für den Empfang aus dem Internet sind folgende Einstellungen hinterlegt:
[PS] C:\Windows\system32>Get-ReceiveConnector | fl AuthMechanism : Tls, ExchangeServer Banner : BinaryMimeEnabled : True Bindings : {0.0.0.0:25} ChunkingEnabled : True DefaultDomain : DeliveryStatusNotificationEnabled : True EightBitMimeEnabled : True SmtpUtf8Enabled : True BareLinefeedRejectionEnabled : False DomainSecureEnabled : True EnhancedStatusCodesEnabled : True LongAddressesEnabled : False OrarEnabled : False SuppressXAnonymousTls : False ProxyEnabled : False AdvertiseClientSettings : False Fqdn : edge01.msxfaq.net ServiceDiscoveryFqdn : TlsCertificateName : Comment : Enabled : True ConnectionTimeout : 00:05:00 ConnectionInactivityTimeout : 00:01:00 MessageRateLimit : 600 MessageRateSource : IPAddress MaxInboundConnection : 5000 MaxInboundConnectionPerSource : 20 MaxInboundConnectionPercentagePerSource : 2 MaxHeaderSize : 256 KB (262,144 bytes) MaxHopCount : 60 MaxLocalHopCount : 5 MaxLogonFailures : 3 MaxMessageSize : 36 MB (37,748,736 bytes) MaxProtocolErrors : 5 MaxRecipientsPerMessage : 200 PermissionGroups : AnonymousUsers, ExchangeServers, Partners PipeliningEnabled : True ProtocolLoggingLevel : None RemoteIPRanges : {0.0.0.0-255.255.255.255} RequireEHLODomain : False RequireTLS : False EnableAuthGSSAPI : False ExtendedProtectionPolicy : None LiveCredentialEnabled : False TlsDomainCapabilities : {} Server : edge01 TransportRole : HubTransport RejectReservedTopLevelRecipientDomains : False RejectReservedSecondLevelRecipientDomains : False RejectSingleLabelRecipientDomains : False AcceptConsumerMail : False SizeEnabled : Enabled TarpitInterval : 00:00:05 AuthTarpitInterval : 00:00:05 MaxAcknowledgementDelay : 00:00:30 AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) Name : Default internal receive connector edge01 DistinguishedName : CN=Default internal receive connector edge01,CN=SMTP Receive Connectors,CN=Protocols,CN=edge01,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,CN={} Identity : edge01\Default internal receive connector edge01 Guid : GUID ObjectCategory : CN=ms-Exch-Smtp-Receive-Connector,CN=Schema,CN=Configuration,CN={GUID} ObjectClass : {top, msExchSmtpReceiveConnector} OrganizationId : Id : edge01\Default internal receive connector edge01 OriginatingServer : localhost IsValid : True ObjectState : Unchanged
Interessant ist hierbei, dass die Werte für folgende Parameter nicht auf einen Hybrid-Mode optimiert sind.
-MessageRateLimit 600 ` -MaxInboundConnection 5000 ` -MaxInboundConnectionPerSource 20 ` -MaxInboundConnectionPercentagePerSource 2
Gerade wenn der Edge-Server nicht über MX-Record von ganz vielen Systemen entsprechende Mails bekommen sondern von einem einzigen vorgelagerten Smarthost oder Service, dann würde ich die Werte wie folgt hochsetzen
get-receiveconnector | set-receiveconnector ` -MessageRateLimit unlimited ` -MaxInboundConnection 5000 ` -MaxInboundConnectionPerSource unlimited ` -MaxInboundConnectionPercentagePerSource 100
Ansonsten könnte es sein, dass im Eventlog folgendes zu finden ist:
Log Name: Application Source: MSExchangeTransport Date: 11/11/2016 11:37:52 AM Event ID: 1021 Task Category: SmtpReceive Level: Warning Keywords: Classic User: N/A Computer: edge01.msxfaq.de Description: Receive connector Default internal receive connector edge01 rejected an incoming connection from IP address x.x.x.x. The maximum number of connections per source (20) for this connector has been reached by this source IP address.
Edge: SendConnector zum Internet
Zum Versand gibt es auf einem Edge Server in der Regel zwei Connectoren. der erste geht zum Internet. In dem Beispiel sendet der Connector die Mails über zwei unkenntlich gemachte Smarthosts
[PS] C:\>(Get-SendConnector[0]) AddressSpaces : {smtp:*;50} AuthenticationCredential : CloudServicesMailEnabled : False Comment : ConnectedDomains : {} ConnectionInactivityTimeOut : 00:10:00 ConnectorType : Default DNSRoutingEnabled : False DomainSecureEnabled : False Enabled : True ErrorPolicies : Default ForceHELO : False Fqdn : FrontendProxyEnabled : False HomeMTA : HomeMtaServerId : Identity : EdgeSync - MSXFAQ to Internet IgnoreSTARTTLS : False IsScopedConnector : False IsSmtpConnector : True MaxMessageSize : 35 MB (36,700,160 bytes) Name : EdgeSync - MSXFAQ to Internet Port : 25 ProtocolLoggingLevel : None Region : NotSpecified RequireOorg : False RequireTLS : False SmartHostAuthMechanism : None SmartHosts : {[x.x.x.x], [x.x.x.x]} SmartHostsString : [x.x.x.x],[x.x.x.x] SmtpMaxMessagesPerConnection : 20 SourceIPAddress : 0.0.0.0 SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR) SourceTransportServers : {} TlsAuthLevel : TlsCertificateName : TlsDomain : UseExternalDNSServersEnabled : False
Per Default ist keine Quelladresse vorgegeben und es werden maximal 20 Connections pro Zielhost geöffnet. Das sollte auch in Verbindung mit einem Smarthost eigentlich genug sein, da Exchange durchaus mehrere Nachrichten über die gleiche TCP-Connection sendet.
Edge: SendConnector nach Intern
Der zweite Connector leitet alle Mails an die interne Organisation weiter. Der Addressraum "--" ist dafür reserviert
[PS] C:\>(Get-SendConnector)[1] AddressSpaces : {smtp:--;100} AuthenticationCredential : CloudServicesMailEnabled : False Comment : ConnectedDomains : {} ConnectionInactivityTimeOut : 00:10:00 ConnectorType : Default DNSRoutingEnabled : False DomainSecureEnabled : False Enabled : True ErrorPolicies : Default ForceHELO : False Fqdn : FrontendProxyEnabled : False HomeMTA : HomeMtaServerId : Identity : EdgeSync - Inbound to MSXFAQ IgnoreSTARTTLS : False IsScopedConnector : False IsSmtpConnector : True MaxMessageSize : Unlimited Name : EdgeSync - Inbound to MSXFAQ Port : 25 ProtocolLoggingLevel : None Region : NotSpecified RequireOorg : False RequireTLS : False SmartHostAuthMechanism : ExchangeServer SmartHosts : {--} SmartHostsString : -- SmtpMaxMessagesPerConnection : 20 SourceIPAddress : 0.0.0.0 SourceRoutingGroup : Exchange Routing Group (DWBGZMFD01QNBJR) SourceTransportServers : {} TlsAuthLevel : TlsCertificateName : TlsDomain : UseExternalDNSServersEnabled : False
Die Grenzwerte sind hier wie beim externen Connector gesetzt.
Edge: Get-TransportAgent
Ein einfach installierter Edge hat natürlich auch Filter aktiv
[PS] C:\>Get-TransportAgent Identity Enabled Priority -------- ------- -------- Connection Filtering Agent False 1 Address Rewriting Inbound Agent True 2 Edge Rule Agent True 3 Content Filter Agent False 4 Sender Id Agent True 5 Sender Filter Agent False 6 Recipient Filter Agent False 7 Protocol Analysis Agent True 8 Attachment Filtering Agent False 9 Address Rewriting Outbound Agent True 10
Für die meisten Agenten gibt es ein eigenes Commandlet zur Konfiguration.
Es macht einen Unterschied, ob Sie den TransportAgent deaktivieren oder in der Konfiguration die Funktion deaktivieren.
Edge: Get-RecipientFilterConfig
[PS] C:\>Get-RecipientFilterConfig Name : RecipientFilterConfig BlockedRecipients : {} RecipientValidationEnabled : False BlockListEnabled : False Enabled : True ExternalMailEnabled : True InternalMailEnabled : False AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) DistinguishedName : CN=RecipientFilterConfig,CN=Message Hygiene,CN=Transport Settings,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,CN={GUID} Identity : RecipientFilterConfig Guid : 69382f4c-fbe0-4792-aa2b-def0b766e042 ObjectCategory : CN=ms-Exch-Message-Hygiene-Recipient-Filter-Config,CN=Schema,CN=Configuration,CN={GUID} ObjectClass : {top, msExchAgent, msExchMessageHygieneRecipientFilterConfig} OrganizationId : Id : RecipientFilterConfig OriginatingServer : localhost IsValid : True ObjectState : Unchanged
Edge: Get-ContentFilterConfig
[PS] C:\>Get-ContentFilterConfig Name : ContentFilterConfig RejectionResponse : Message rejected as spam by Content Filtering. OutlookEmailPostmarkValidationEnabled : True BypassedRecipients : {} QuarantineMailbox : SCLRejectThreshold : 7 SCLRejectEnabled : True SCLDeleteThreshold : 9 SCLDeleteEnabled : False SCLQuarantineThreshold : 9 SCLQuarantineEnabled : False BypassedSenders : {} BypassedSenderDomains : {} Enabled : True ExternalMailEnabled : True InternalMailEnabled : False AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) DistinguishedName : CN=ContentFilterConfig,CN=Message Hygiene,CN=Transport Settings,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,CN={24A8D45B-BA42-4019-8C52-2D5942D91DB9} Identity : ContentFilterConfig Guid : 08897d91-84fd-4042-842b-784ce920786d ObjectCategory : CN=ms-Exch-Message-Hygiene-Content-Filter-Config,CN=Schema,CN=Configuration,CN= {24A8D45B-BA42-4019-8C52-2D5942D91DB9} ObjectClass : {top, msExchAgent, msExchMessageHygieneContentFilterConfig} WhenChanged : 12/21/2017 3:27:12 PM WhenCreated : 11/2/2017 8:40:40 AM WhenChangedUTC : 12/21/2017 2:27:12 PM WhenCreatedUTC : 11/2/2017 7:40:40 AM OrganizationId : Id : ContentFilterConfig OriginatingServer : localhost IsValid : True ObjectState : Unchanged
Get-SenderFilterConfig
[PS] C:\>Get-SenderFilterConfig Name : SenderFilterConfig BlockedSenders : {} BlockedDomains : {} BlockedDomainsAndSubdomains : {} Action : Reject BlankSenderBlockingEnabled : False RecipientBlockedSenderAction : Reject Enabled : True ExternalMailEnabled : True InternalMailEnabled : False AdminDisplayName : ExchangeVersion : 0.1 (8.0.535.0) DistinguishedName : CN=SenderFilterConfig,CN=Message Hygiene,CN=Transport Settings,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,CN={24A8D45B-BA42-4019-8C52-2D5942D91DB9} Identity : SenderFilterConfig Guid : 21f0b1e0-3c62-488d-af8c-8a7fd1bf2cfc ObjectCategory : CN=ms-Exch-Message-Hygiene-Sender-Filter-Config,CN=Schema,CN=Configuration,CN={24A8D45B- BA42-4019-8C52-2D5942D91DB9} ObjectClass : {top, msExchAgent, msExchMessageHygieneSenderFilterConfig} WhenChanged : 11/2/2017 8:40:40 AM WhenCreated : 11/2/2017 8:40:40 AM WhenChangedUTC : 11/2/2017 7:40:40 AM WhenCreatedUTC : 11/2/2017 7:40:40 AM OrganizationId : Id : SenderFilterConfig OriginatingServer : localhost IsValid : True ObjectState : Unchanged [PS] C:\Windows\system32>
Get-AttachmentFilterEntry
[PS] C:\>Get-AttachmentFilterEntry |FT -AutoSize Type Name Identity IsValid ObjectState ---- ---- -------- ------- ----------- ContentType application/x-msdownload ContentType:application/x-msdownload True Unchanged ContentType message/partial ContentType:message/partial True Unchanged ContentType text/scriptlet ContentType:text/scriptlet True Unchanged ContentType application/prg ContentType:application/prg True Unchanged ContentType application/msaccess ContentType:application/msaccess True Unchanged ContentType text/javascript ContentType:text/javascript True Unchanged ContentType application/x-javascript ContentType:application/x-javascript True Unchanged ContentType application/javascript ContentType:application/javascript True Unchanged ContentType x-internet-signup ContentType:x-internet-signup True Unchanged ContentType application/hta ContentType:application/hta True Unchanged FileName *.xnk FileName:*.xnk True Unchanged FileName *.wsh FileName:*.wsh True Unchanged FileName *.wsf FileName:*.wsf True Unchanged FileName *.wsc FileName:*.wsc True Unchanged FileName *.vbs FileName:*.vbs True Unchanged FileName *.vbe FileName:*.vbe True Unchanged FileName *.vb FileName:*.vb True Unchanged FileName *.url FileName:*.url True Unchanged FileName *.shs FileName:*.shs True Unchanged FileName *.shb FileName:*.shb True Unchanged FileName *.sct FileName:*.sct True Unchanged FileName *.scr FileName:*.scr True Unchanged FileName *.scf FileName:*.scf True Unchanged FileName *.reg FileName:*.reg True Unchanged FileName *.prg FileName:*.prg True Unchanged FileName *.prf FileName:*.prf True Unchanged FileName *.pif FileName:*.pif True Unchanged FileName *.pcd FileName:*.pcd True Unchanged FileName *.ops FileName:*.ops True Unchanged FileName *.mst FileName:*.mst True Unchanged FileName *.msp FileName:*.msp True Unchanged FileName *.msi FileName:*.msi True Unchanged FileName *.psc2 FileName:*.psc2 True Unchanged FileName *.psc1 FileName:*.psc1 True Unchanged FileName *.ps2xml FileName:*.ps2xml True Unchanged FileName *.ps2 FileName:*.ps2 True Unchanged FileName *.ps11xml FileName:*.ps11xml True Unchanged FileName *.ps11 FileName:*.ps11 True Unchanged FileName *.ps1xml FileName:*.ps1xml True Unchanged FileName *.ps1 FileName:*.ps1 True Unchanged FileName *.msc FileName:*.msc True Unchanged FileName *.mdz FileName:*.mdz True Unchanged FileName *.mdw FileName:*.mdw True Unchanged FileName *.mdt FileName:*.mdt True Unchanged FileName *.mde FileName:*.mde True Unchanged FileName *.mdb FileName:*.mdb True Unchanged FileName *.mda FileName:*.mda True Unchanged FileName *.lnk FileName:*.lnk True Unchanged FileName *.ksh FileName:*.ksh True Unchanged FileName *.jse FileName:*.jse True Unchanged FileName *.js FileName:*.js True Unchanged FileName *.isp FileName:*.isp True Unchanged FileName *.ins FileName:*.ins True Unchanged FileName *.inf FileName:*.inf True Unchanged FileName *.hta FileName:*.hta True Unchanged FileName *.hlp FileName:*.hlp True Unchanged FileName *.fxp FileName:*.fxp True Unchanged FileName *.exe FileName:*.exe True Unchanged FileName *.csh FileName:*.csh True Unchanged FileName *.crt FileName:*.crt True Unchanged FileName *.cpl FileName:*.cpl True Unchanged FileName *.com FileName:*.com True Unchanged FileName *.cmd FileName:*.cmd True Unchanged FileName *.chm FileName:*.chm True Unchanged FileName *.bat FileName:*.bat True Unchanged FileName *.bas FileName:*.bas True Unchanged FileName *.asx FileName:*.asx True Unchanged FileName *.app FileName:*.app True Unchanged FileName *.adp FileName:*.adp True Unchanged FileName *.ade FileName:*.ade True Unchanged
Weitere Links
- Exchange Edge Rolle
- Exchange Edge zurückbauen - Rückbau von Exchange Edge Servern mit Hybridbesonderheiten
- Grundlegendes zu
Nachrichteneinschränkungen und Grenzwerten
für die Nachrichtenrate
https://technet.microsoft.com/de-de/library/bb232205(v=exchg.160).aspx - Antispam- und Antischadsoftwareschutz in
Exchange 2016
https://technet.microsoft.com/de-de/library/jj150481(v=exchg.160).aspx - Verfahren zur Absenderfilterung
https://technet.microsoft.com/de-de/library/bb124087(v=exchg.160).aspx