![Page 1: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/1.jpg)
24 Hours of Exchange Server 2007 24 Hours of Exchange Server 2007 (Part 13 of 24): Maintaining Anti-(Part 13 of 24): Maintaining Anti-Spam SystemsSpam Systems
Harold [email protected]/haroldwong
Audio: please try Streaming Internet Audio firstIf that doesn’t work, use:
(800) 618-7506: Pin 5800
![Page 2: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/2.jpg)
What We Will CoverWhat We Will Cover
• Understanding anti-spam functionalityUnderstanding anti-spam functionality
• Deploying a defense-in-depth approach Deploying a defense-in-depth approach
• Configuring the anti-spam componentsConfiguring the anti-spam components
![Page 3: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/3.jpg)
AgendaAgenda
• ReviewReview
• Introduction to Anti-Spam ManagementIntroduction to Anti-Spam Management
• Understanding Individual ComponentsUnderstanding Individual Components
![Page 4: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/4.jpg)
Deploying the Edge Transport Deploying the Edge Transport ServerServer
1.1. Message journaling requirementsMessage journaling requirements
2.2. Malicious software scanning approachesMalicious software scanning approaches
3.3. Message storage requirementsMessage storage requirements
4.4. Message processing throughputMessage processing throughput
Which of the following is not a key considerationwhen planning for an Edge Transport server?
![Page 5: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/5.jpg)
Deploying the Edge Transport Deploying the Edge Transport ServerServer
1.1. SMTP Port 25SMTP Port 25
2.2. LDAP Port 50636LDAP Port 50636
3.3. RDP Port 3389RDP Port 3389
4.4. All of the aboveAll of the above
When securing the Edge Transport server, what ports should be open on the Internet facingnetwork adapter?
![Page 6: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/6.jpg)
Deploying the Edge Transport Deploying the Edge Transport ServerServer
1.1. SMTP Port 25SMTP Port 25
2.2. LDAP Port 50636LDAP Port 50636
3.3. RDP Port 3389RDP Port 3389
4.4. All of the aboveAll of the above
When securing the Edge Transport server, what ports should be open on the Corporatefacing network adapter?
![Page 7: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/7.jpg)
Configuring Internet Message Configuring Internet Message DeliveryDelivery
1.1. Active DirectoryActive Directory
2.2. Exchange mailbox databaseExchange mailbox database
3.3. Exchange storage groupExchange storage group
4.4. Active Directory Application Mode (ADAM)Active Directory Application Mode (ADAM)
Where is the recipient and configuration data stored for Exchange Server 2007?
![Page 8: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/8.jpg)
Configuring Internet Message Configuring Internet Message DeliveryDelivery
1.1. Connection filteringConnection filtering
2.2. Sender filteringSender filtering
3.3. Recipient filteringRecipient filtering
4.4. Content filteringContent filtering
Which of the following examines the remote IP address of an inbound message to filter spam attacks?
![Page 9: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/9.jpg)
Configuring Internet Message Configuring Internet Message DeliveryDelivery
1.1. Connection filteringConnection filtering
2.2. Sender filteringSender filtering
3.3. Content filteringContent filtering
4.4. All of the aboveAll of the above
Which of the following uses Microsoft SmartScreen® technology with the Intelligent Message Filter?
![Page 10: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/10.jpg)
AgendaAgenda
• ReviewReview
• Introduction to Anti-Spam ManagementIntroduction to Anti-Spam Management
• Understanding Individual ComponentsUnderstanding Individual Components
![Page 11: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/11.jpg)
Exchange Server 2007 Anti-Exchange Server 2007 Anti-Spam FunctionalitySpam Functionality
Connection filtering Connection filtering
Sender filteringSender filtering
Recipient filteringRecipient filtering
Sender ID filteringSender ID filtering
Content filtering Content filtering
Sender reputation filteringSender reputation filtering
Attachment filteringAttachment filtering
Outlook junk e-mail filtering Outlook junk e-mail filtering
![Page 12: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/12.jpg)
Anti-Spam Mail FlowAnti-Spam Mail Flow
Connection filtering Connection filtering
Sender and recipient filteringSender and recipient filtering
Sender ID filteringSender ID filtering
Content filtering Content filtering
Outlook junk e-mail filtering Outlook junk e-mail filtering
![Page 13: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/13.jpg)
The Defense-in-Depth Approach The Defense-in-Depth Approach
PerimeterPerimeterFirewallFirewall
Edge Edge TransportTransportServerServer
InteriorInteriorFirewallFirewall
HubHubTransportTransportServerServer
MailboxMailboxServerServer
ClientClientAccessAccessServerServer
OutlookOutlookE-mailE-mailFilteringFiltering
![Page 14: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/14.jpg)
Introduction to Anti-Spam Introduction to Anti-Spam ManagementManagement
1.1. Sender reputation filteringSender reputation filtering
2.2. Recipient ID filteringRecipient ID filtering
3.3. Attachment filteringAttachment filtering
4.4. Connection filteringConnection filtering
Q1: Which of the following is not a type of Exchange Server 2007 anti-spam filtering?
![Page 15: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/15.jpg)
Introduction to Anti-Spam Introduction to Anti-Spam ManagementManagement
1.1. Connection filteringConnection filtering
2.2. Sender ID filteringSender ID filtering
3.3. Content filteringContent filtering
4.4. Outlook junk e-mail filteringOutlook junk e-mail filtering
Q2: Which anti-spam filtering feature includes the spam quarantine?
![Page 16: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/16.jpg)
Introduction to Anti-Spam Introduction to Anti-Spam ManagementManagement
1.1. Perimeter firewallPerimeter firewall
2.2. Edge Transport serverEdge Transport server
3.3. Internal firewallInternal firewall
4.4. Connection filteringConnection filtering
Q3: What is considered the first line of defense against spam attacks?
![Page 17: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/17.jpg)
AgendaAgenda
• ReviewReview
• Introduction to Anti-Spam ManagementIntroduction to Anti-Spam Management
• Understanding Individual ComponentsUnderstanding Individual Components
![Page 18: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/18.jpg)
YesYes
No
YesYesYesYes
Connection Filtering Connection Filtering
IPIPallowallowlistlist
IPIPblockblock
listlist
SafeSafeproviderprovider
listlistRBLRBL
No NoNo
![Page 19: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/19.jpg)
Sender and Recipient FilteringSender and Recipient Filtering
YesYesYesYes
OnOnsendersender
filterfilterlistlist
OnOnrecipientrecipient
blockblocklistlist
No No
Delete message Reject via SMTP
![Page 20: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/20.jpg)
Sender ID FilteringSender ID Filtering
No
YesYesNoNo
FromFromblockedblockeddomaindomain
AllowAllowsender IDsender ID
failedfailed
OnOnblockedblockedsendersender
listlist
Yes
No
Delete message Filter message
Yes
Query SPF onQuery SPF onsender’s DNSsender’s DNS
DNS
![Page 21: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/21.jpg)
No No
YesYesYesYes
Content Filtering Content Filtering
SCLSCLexceedsexceedsdeletiondeletion
SCLSCLexceedsexceedsrejectionrejection
No
Apply content filter Apply content filter Assign SCL ratingAssign SCL rating
Delete message Reject via SMTP Send to spam quarantine mailbox
YesYes
SCL SCL exceedsexceeds
quarantinequarantine
Safelist Safelist AggregationAggregation
Microsoftupdate
![Page 22: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/22.jpg)
Configuring Anti-Spam FiltersConfiguring Anti-Spam Filters
Configure connection filteringConfigure connection filtering Configure sender and recipient filteringConfigure sender and recipient filtering Configure sender ID filteringConfigure sender ID filtering
demonstrationdemonstration
![Page 23: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/23.jpg)
DirectoryDirectoryserviceservice
Exchange Server Hosted Exchange Server Hosted Filtering Filtering
Illegitimate sendersIllegitimate senders Spam quarantineSpam quarantine
ExchangeExchangehostedhostedfilteringfiltering
![Page 24: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/24.jpg)
Other Strategies and Techniques Other Strategies and Techniques
Sender reputation filteringSender reputation filtering
Attachment filtering Attachment filtering
Spam quarantineSpam quarantine
Outlook junk e-mail filtering Outlook junk e-mail filtering
![Page 25: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/25.jpg)
Enabling Hub Transport FilteringEnabling Hub Transport Filtering
Set the Hub Transport to receive e-mailSet the Hub Transport to receive e-mail Set the Hub Transport to manage spamSet the Hub Transport to manage spam
demonstrationdemonstration
![Page 26: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/26.jpg)
Understanding Individual Understanding Individual ComponentsComponents
1.1. IP Allow ListIP Allow List
2.2. Safe Provider ListSafe Provider List
3.3. Real-time Block List Real-time Block List
4.4. Spam Quarantine ListSpam Quarantine List
Q1: Which of the following is not a feature of connection filtering?
![Page 27: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/27.jpg)
Understanding Individual Understanding Individual ComponentsComponents
1.1. Connection filteringConnection filtering
2.2. Sender filteringSender filtering
3.3. Sender ID filteringSender ID filtering
4.4. Sender reputation filteringSender reputation filtering
Q2: Which of the following filters do not query outside servers or services?
![Page 28: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/28.jpg)
Understanding Individual Understanding Individual ComponentsComponents
1.1. Sender filteringSender filtering
2.2. Sender ID filteringSender ID filtering
3.3. Content filteringContent filtering
4.4. Sender reputation filteringSender reputation filtering
Q3: Which of the following component level filtering includes safelist aggregation?
![Page 29: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/29.jpg)
Session SummarySession Summary
• Understanding anti-spam functionalityUnderstanding anti-spam functionality
• Fighting spam with defense-in-depthFighting spam with defense-in-depth
• Understanding the eight anti-spam filtersUnderstanding the eight anti-spam filters
![Page 30: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/30.jpg)
Questions and AnswersQuestions and Answers
• Submit text questions using the “Ask” button. Submit text questions using the “Ask” button. • Don’t forget to fill out the survey.Don’t forget to fill out the survey.• For upcoming and previously live webcasts: For upcoming and previously live webcasts:
www.microsoft.com/webcasts
• Got webcast content ideas? Contact us at: Got webcast content ideas? Contact us at: http://go.microsoft.com/fwlink/?LinkId=41781
• Today's webcast was presented using MicrosoftToday's webcast was presented using Microsoft®® Office Live Meeting. Get a free 14-day trial by Office Live Meeting. Get a free 14-day trial by visiting: visiting: www.microsoft.com/presentlive
![Page 31: 24 Hours Of Exchange Server 2007 ( Part 13 Of 24)](https://reader035.vdocuments.site/reader035/viewer/2022062703/554de62fb4c905f6598b45f2/html5/thumbnails/31.jpg)