Exchange Filtering

To replace existing values:

Set-SenderFilterConfig -BlockedSenders <sender1,sender2...> -BlockedDomains <domain1,domain2...> -BlockedDomainsAndSubdomains <domain1,domain2...>

To add or remove entries without modifying any existing values:

Set-SenderFilterConfig -BlockedSenders @{Add="<sender1>","<sender2>"...; Remove="<sender1>","<sender2>"...} -BlockedDomains @{Add="<domain1>"

To verify:

Get-SenderFilterConfig | Format-List BlockedSenders,BlockedDomains,BlockedDomainsAndSubdomains

Basic Configuration: http://zaliasrobotas.blogspot.com/2013/11/how-to-enable-and-configure-spam-filter.html

https://docs.microsoft.com/en-us/exchange/antispam-and-antimalware/antispam-protection/antispam-on-mailbox-servers

Sender Reputation Configuration: https://technet.microsoft.com/en-us/library/bb125186(v=exchg.150).aspx

Note that we add the external spam filter service CIDR address blocks as 'internal'.

In the Exchange Management Shell:

& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1

Get-TransportConfig | Format-List InternalSMTPServers
Set-TransportConfig -InternalSMTPServers @{Add="10.10.0.2","192.168.1.21","185.201.16.0/22","199.89.0.0/21"}

Get-SenderFilterConfig | fl BlockedSenders, BlockedDomains
Set-SenderFilterConfig -Enabled $true
Set-SenderFilterConfig -BlankSenderBlockingEnabled $true

Get-RecipientFilterConfig | fl BlockedRecipients
Set-RecipientFilterConfig -Enabled $true

Get-RecipientFilterConfig
Set-RecipientFilterConfig -RecipientValidationEnabled $true

Get-ReceiveConnector

Get-ReceiveConnector "EXCH-01\Default Frontend EXCH-01" | fl tar*
Set-ReceiveConnector "EXCH-01\Default Frontend EXCH-01" -TarpitInterval 00:00:06

Get-SenderReputationConfig | Format-List Enabled,*MailEnabled
Set-SenderReputationConfig -Enabled $true

Get-SenderReputationConfig
Set-SenderReputationConfig -SrlBlockThreshold 6 -SenderBlockingPeriod 36

Get-SenderReputationConfig | Format-List ProxyServer*

Restart-Service MSExchangeTransport