Exchange2007 Junk Mail Kutusu

Merhabalar,

Clientlerda outlook 2007 mi kurulu?

http://technet.microsoft.com/en-us/library/bb123559.aspx

Try to turn off Junk Filter, reset Outlook, then turn Junk Filter back on.

---

Seems like the junk
rule is not getting created or enabled until you visit OWA junk
settings and enable manually. If your users will log on using Outlook,
the rule will be created and enabled, if not the rule is not there. So
the filter is setting the right SCL, the threshold is there, but the
code that does the "move to junk folder" is not there.

Why this is not provisioned out of the box: because when creating
the rule you need to know the name of the folder ("junk" in english)
and the rule is created with the right name for the folder after the
user logs in, based on the client language.

-------

Exchange 2007 Content Filter: How to move messages to Junk Mail folder

Posted by Bharat Suneja at 5:54 PM

You've setup Exchange Server 2007, and configured the shiny new Content Filter agent
(CFA), which is more than just a rewrite of the equally loved and hated
Intelligent Message Filter (IMF) from Exchange Server 2003. The CFA has
three thresholds - equivalent of Gateway thresholds and (gateway)
actions in IMF. These are: 1) SCLDeleteThreshold 2) SCLRejectThreshold and 3) SCLQuarantineThreshold.

1. SCLDeleteThreshold: Messages with SCL equal to or higher than the SCLDeleteThreshold are deleted silently. To enable the SCLDeleteThreshold:

set-ContentFilterConfig -SCLDeleteThreshold 8 -SCLDeleteEnabled:$true

2. SCLRejectThreshold:
Messages with SCL equal to or higher than the SCLRejectThreshold are
rejected during the SMTP session, after the data is received. In this
case, senders get a NDR. To enable the SCLRejectThreshold:

set-ContentFilterConfig -SCLRejectThreshold 7 -SCLRejectEnabled:$true

In the above case, Exchange doesn't accept the message. After the data is received, it responds with a 500 5.7.1 error and a rejection response (by default this response is: Message rejected due to content restrictions. This rejection message can be configured using the following command (response message used here is for illustration, not a real suggestion - Bharat) :

set-ContentFilterConfig -RejectionResponse "Stop spamming you **!"

The
actual NDR is generated and sent to the sender by the sending host.
What the sending host will see after the message content is sent (and if you actually modified the rejection response based on my example 🙂
500 5.7.1 Stop spamming you **!

Screenshot: Configuring SCL thresholds in Content Filtering properties
Figure 1:
Exchange Server 2007's Content Filtering agent can be configured with
the equivalent of all 3 Gateway actions available in Exchange Server
2003's Intelligent Message Filter (IMF): 1) Delete messages 2) Reject
messages and 4) Quarantine messages

3. SCLQuarantineThreshold:
Messages with SCL equal to or higher than the SCLQuarantineThreshold
are delivered to the quarantine mailbox, provided you have one
configured. To enable the SCLQuarantineThreshold and configure a
quarantine mailbox:

set-ContentFilterConfig
-SCLQuarantineThreshold 6 -SCLQuarantineEnabled:$true
-QuarantineMailbox:[email protected]

This is an improvement over IMF, which had only one gateway action (and one corresponding gateway threshold). The Content Filter agent allows the flexibility of enabling all three actions on the gateway - the rule is: SCLDeleteThreshold > SCLRejectThreshold > SCLQuarantineThreshold.

To get a list of all three SCL values and whether each action is enabled or not, use the following command:

get-ContentFilterConfig | Select SCL*

So where's the equivalent of IMF's Store threshold? (to move messages to users' Junk Mail folders)?

It's called SCLJunkThreshold, and it resides in a different location - in the Organization configuration. It can be set using the set-OrganizationConfig command:

set-OrganizationConfig -SCLJunkThreshold 5

Setting SCLJunkThreshold not intuitive?

Before
you jump to conclusions about this being counter-intuitive, or
confusing - which it may be, consider this - it is in response to the
different server roles in Exchange Server 2007.

The gateway actions - delete, reject and quarantine - can be thought of as message transport actions,
and thus applicable to transport server roles (the Edge server, or the
Hub if you have antispam agents enabled on it). Moving messages to
users' Junk Mail folders can be thought of as something that happens at
the Store, performed by the Mailbox Server role.

Another aspect to
consider when setting the SCLJunkThreshold - if you're in a topology
with an Edge server, the SCLJunkThreshold on the Edge doesn't impact
anything. This needs to be set on your Exchange Org - the Edge server
is not a part of it.

The Defaults:
By default, the SCLJunkThreshold is set to 4. If you have an existing
Exchange Server 2003 SP2 server installed, and you haven't tweaked the
Store threshold, IMF v2's default Store threshold of 8 is used - this
is what you'll see in the Org's SCLJunkThreshold. Given that the
SCLRejectThreshold is set to 7 by default, messages will not move to
users' Junk Mail folder unless the SCLJunkThreshold is lower than the
transport thresholds (i.e. the Delete, Reject and Quarantine thresholds).

How the Junk Mail threshold is calculated: Unlike the transport actions of deleting, rejecting, and quarantining messages - which check for SCL equal to or higher than their respective thresholds, for moving messages to Junk Mail folder the Store checks for SCLs higher than the SCLJunkThreshold. This is consistent with the behavior of IMF in Exchange Server 2003 (read previous post: IMF Confusion - Store threshold rating text in UI).

If you want to disable rejection of messages with SCL of 7 or above, use the following command:

set-ContentFilterConfig -SCLRejectEnabled:$false

-------------

Turning on Filter Junk Email in Exchange 2007 via an OWA Script

In the past I’ve posted a few scripts for setting and reading the OWA junk email filter settings here.
While content filtering and the IMF have changed in Exchange 2007 there
are still no cmdlets that will allow you to flip this option on or off
for users so this little script still can come in handy for various
situations. Because OWA was rewritten from the ground up in Exchange
2007 the old script method no longer works. However the same methods of
reverse engineering the OWA method do work with a few additions.

Using
the MSXML2.ServerXMLHTTP.6.0 object this object is included with the
Microsoft XML Parser (MSXML) and is a better choice for this script
because it firstly supports the ability to ignore any SSL errors that
might happen (eg self signed Certs, Alternate names etc) and it also
handles dealing with the Forms Based Authentication cookie without the
necessity to add additional code. The code still needs to perform the
synthetic forms logon this works similar to 2003 with a few URL tweaks.

Dealing with the Language form for users who have never logged
on to OWA before. Because this script is simulating a user in OWA if
the mailbox your trying to set the junk email settings has never been
logged onto before in OWA then the default language form will be
presented to the user (or the script in this case) asking the person to
choose there timezone and language. What this script does to cater for
this is that it looks for this form in the response if it finds the
form it then uses 2 regular expressions to parse the default values
from the form and then posts these values. One problem this creates is
that the user will nolonger be shown this form when they first logon
anymore this may or may not be a problem for you. If you need for this
form to still appear at first logon there are two options the first is
to delete the OWA storage object in the root of the mailbox using
WebDAV or Neil Hobson posted another method on the Exchange Blog.

The
operation of the script is pretty simple after logging in it tries to
post to the following URL QueryString in the Target Mailbox
“/ev.owa?oeh=1&ns=JunkEmail&ev=Enable” with a body

"<params><fEnbl>1</fEnbl></params>"

This will enable junk email filtering on a mailbox to disable junk email filtering use

"<params><fEnbl>0</fEnbl></params>"

To
use this script you need to hard code the username and password of a
user that has been give delegate access to the target mailbox using
something like this in the Exchange Command Shell

Add-MailboxPermission –Identity ‘Mailbox’ –User ‘User’ –AccessRights FullAccess

Or
has been given Send As and Receive As rights on the target mailbox.
Basically the user needs to be able to open the target mailbox as
another mailbox in OWA you can test if the account you want to use is
going to be work by testing this yourself in OWA. Its also important
that the account that you want to use has logged onto OWA once as well
this is because the Language form would be presented to this user the
first time the user tries to logon to OWA while the script caters for
this for the target user it doesn’t do it for the source so this would
cause a timeout error in the case the source user has never logged on
to OWA. So before using the script you need to configure the following
variables

snServername = "ServerName"
mnMailboxname = "mailbox"
domain = "domain"
strpassword = "password"

In
the snServername variable make sure you use the servername of your CAS
server this may or may not be different from your mailbox server.

The
following variable is for the target mailbox you want to set the
junkemail setting on this should be the primary SMTP address of the
target mailbox

Targetmailbox = "[email protected]"

The
scripts output is pretty verbose you should see the full response
headers outputted for each request the script make this helps if you
ever need to diagnose why the script isn’t working

I’ve put a downloadable copy of the script here the script itself looks like

snServername = "ServerName"
mnMailboxname = "mailbox"
domain = "domain"
strpassword = "password"

strusername = domain & "\" & mnMailboxname
szXml = "destination=https://" & snServername & "/owa/&flags=0&username=" &
strusername
szXml = szXml & "&password=" & strpassword & "&SubmitCreds=Log On&forcedownlevel=0&trusted=0"

set req = createobject("MSXML2.ServerXMLHTTP.6.0")
req.Open "post", "https://" & snServername & "/owa/auth/owaauth.dll", False
req.SetOption 2, 13056
req.send szXml

reqhedrarry = split(req.GetAllResponseHeaders(), vbCrLf,-1,1)
for each ent in reqhedrarry
wscript.echo ent
Next

Call UpdateJunk("[email protected]")

Sub UpdateJunk(mbMailbox)

xmlstr = "<params><fEnbl>1</fEnbl></params>"

req.Open
"POST", "https://" & snServername & "/owa/" & mbMailbox
& "/ev.owa?oeh=1&ns=JunkEmail&ev=Enable",
False
req.setRequestHeader "Content-Type", "text/xml; charset=""UTF-8"""
req.setRequestHeader "Content-Length", Len(xmlstr)
req.send xmlstr
wscript.echo req.status
reqhedrarry = split(req.GetAllResponseHeaders(), vbCrLf,-1,1)
for each ent in reqhedrarry
wscript.echo ent
Next
If InStr(req.responsetext,"name=lngFrm") Then
wscript.echo "Mailbox has not been logged onto before via OWA"
'Create a regular expression object
Dim objRegExp
Set objRegExp = New RegExp

'Set our pattern
objRegExp.Pattern = "<option selected value=""(.*?)"">"
objRegExp.IgnoreCase = True
objRegExp.Global = True

Dim objMatches
Set objMatches = objRegExp.Execute(req.responsetext)
If objMatches.count = 2 then
lcidarry = Split(objMatches(0).Value,Chr(34))
wscript.echo lcidarry(1)
tzidarry = Split(objMatches(1).Value,Chr(34))
wscript.echo tzidarry(1)
pstring = "lcid=" & lcidarry(1) & "&tzid=" & tzidarry(1)
req.Open "POST", "https://" & snServername & "/owa/" & mbMailbox & "/lang.owa",
False
req.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
req.setRequestHeader "Content-Length", Len(pstring)
' req.SetRequestHeader "cookie", reqCadata
req.send pstring
if instr(req.responsetext,"errMsg") then
wscript.echo "Permission Error"
else
wscript.echo req.status
If req.status = 200 and not instr(req.responsetext,"errMsg") Then
Call UpdateJunk(mbMailbox)
Else
wscript.echo "Failed to set Default OWA settings"
End if
end if