|
exchange
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
IP Allow list provider vs IP Allow listHi!
If I add an IP to IP allow list and I recieve e-mail from that IP / mail server. The mail from that IP is marked with SCL-1 X-MS-Exchange-Organization-Antispam-Report: IPOnAllowList X-MS-Exchange-Organization-SCL: -1 But if I remove this IP from IP Allow list and I use only IP Allow List provider (Yes, that IP is also listed there and the list is working) I do not get this kind of result - it seems e-mail is processed normaly. So how IP Allow List Provider help? How it works? What is a benefit if an IP is on souch list? Thank you, Luka
Show quote
"Luka Manojlovic" <l***@news.manojlovic.net> wrote: It's not checked against the DNS RBLs.>If I add an IP to IP allow list and I recieve e-mail from that IP / mail >server. The mail from that IP is marked with SCL-1 > >X-MS-Exchange-Organization-Antispam-Report: IPOnAllowList >X-MS-Exchange-Organization-SCL: -1 > >But if I remove this IP from IP Allow list and I use only IP Allow List >provider (Yes, that IP is also listed there and the list is working) I do >not get this kind of result - it seems e-mail is processed normaly. > >So how IP Allow List Provider help? How it works? What is a benefit if an IP >is on souch list? Keep in mind that a DNS RBL isn't a "spam filter", it's a "connection filter". It doesn't matter what the contents of the message might be, if it came from an address in the DNS RBL the connection is denied. -- Rich Matheisen MCSE+I, Exchange MVP MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm Don't send mail to this address mailto:h.p***@getronics.com Or to these, either: mailto:h.p***@pinkroccade.com mailto:melvin.mcphucknuc***@getronics.com mailto:melvin.mcphucknuc***@pinkroccade.com But can I somehow "force" exchange to treat the same IPs that are on IP
Allow List as those on IP Allow List proveider list? Becouse if mail comes from IP Allow List it is skiped extra processing... If it arives from IP Allow List Provider list it is processed. Luka Show quote "Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message news:oa4bf3p2uhkkjojg6ncr2u25ngc5lc4v95@4ax.com... > "Luka Manojlovic" <l***@news.manojlovic.net> wrote: > >>If I add an IP to IP allow list and I recieve e-mail from that IP / mail >>server. The mail from that IP is marked with SCL-1 >> >>X-MS-Exchange-Organization-Antispam-Report: IPOnAllowList >>X-MS-Exchange-Organization-SCL: -1 >> >>But if I remove this IP from IP Allow list and I use only IP Allow List >>provider (Yes, that IP is also listed there and the list is working) I do >>not get this kind of result - it seems e-mail is processed normaly. >> >>So how IP Allow List Provider help? How it works? What is a benefit if an >>IP >>is on souch list? > > It's not checked against the DNS RBLs. > > Keep in mind that a DNS RBL isn't a "spam filter", it's a "connection > filter". It doesn't matter what the contents of the message might be, > if it came from an address in the DNS RBL the connection is denied. > > -- > Rich Matheisen > MCSE+I, Exchange MVP > MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm > Don't send mail to this address mailto:h.p***@getronics.com > Or to these, either: mailto:h.p***@pinkroccade.com > mailto:melvin.mcphucknuc***@getronics.com > mailto:melvin.mcphucknuc***@pinkroccade.com "Luka Manojlovic" <l***@news.manojlovic.net> wrote: No. They serve different purposes.>But can I somehow "force" exchange to treat the same IPs that are on IP >Allow List as those on IP Allow List proveider list? >Becouse if mail comes from IP Allow List it is skiped extra processing... If You may want to allow email from an IP address to bypass spam>it arives from IP Allow List Provider list it is processed. filtering, but you may not want to allow mail from tha same IP address if the machine's been compromised in some way. How you use those tools is up to you. -- Rich Matheisen MCSE+I, Exchange MVP MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm Don't send mail to this address mailto:h.p***@getronics.com Or to these, either: mailto:h.p***@pinkroccade.com mailto:melvin.mcphucknuc***@getronics.com mailto:melvin.mcphucknuc***@pinkroccade.com Do you know the command to make IPs from IP Allow List Provider to bypass
extra processing? - to make it the same as using IP Allow List? Luka Show quote "Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message news:fd8bf31jppj197b65u3a4k672ctpgpssqg@4ax.com... > "Luka Manojlovic" <l***@news.manojlovic.net> wrote: > >>But can I somehow "force" exchange to treat the same IPs that are on IP >>Allow List as those on IP Allow List proveider list? > > No. They serve different purposes. > >>Becouse if mail comes from IP Allow List it is skiped extra processing... >>If >>it arives from IP Allow List Provider list it is processed. > > You may want to allow email from an IP address to bypass spam > filtering, but you may not want to allow mail from tha same IP address > if the machine's been compromised in some way. How you use those tools > is up to you. > > -- > Rich Matheisen > MCSE+I, Exchange MVP > MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm > Don't send mail to this address mailto:h.p***@getronics.com > Or to these, either: mailto:h.p***@pinkroccade.com > mailto:melvin.mcphucknuc***@getronics.com > mailto:melvin.mcphucknuc***@pinkroccade.com "Luka Manojlovic" <l***@news.manojlovic.net> wrote: Command? Are you running Exchange 2007? Exchange 2003 would use the>Do you know the command to make IPs from IP Allow List Provider to bypass >extra processing? - to make it the same as using IP Allow List? GUI to make the addition. -- Rich Matheisen MCSE+I, Exchange MVP MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm Don't send mail to this address mailto:h.p***@getronics.com Or to these, either: mailto:h.p***@pinkroccade.com mailto:melvin.mcphucknuc***@getronics.com mailto:melvin.mcphucknuc***@pinkroccade.com Exhange 2007, 2003 does not have IP Allow List Provider?!? Or am I wrong?
So is it possible to tell Exchange 2007 that IPs that he can find on IP Allow List Provider are secure sources of e-mail and e-mail is treated as "safe" - no processing? Luka Show quote "Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message news:921ef3pa7bp6bjd50r12n8lpdpqf79g0do@4ax.com... > "Luka Manojlovic" <l***@news.manojlovic.net> wrote: > >>Do you know the command to make IPs from IP Allow List Provider to bypass >>extra processing? - to make it the same as using IP Allow List? > > Command? Are you running Exchange 2007? Exchange 2003 would use the > GUI to make the addition. > > -- > Rich Matheisen > MCSE+I, Exchange MVP > MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm > Don't send mail to this address mailto:h.p***@getronics.com > Or to these, either: mailto:h.p***@pinkroccade.com > mailto:melvin.mcphucknuc***@getronics.com > mailto:melvin.mcphucknuc***@pinkroccade.com - Exchange 2003 has Global Accept and Global Deny lists on the Connection
Filtering tab. - The difference is in Exchange 2003 their scope is "global" - they impact all SMTP virtual servers that have Connection Filtering enabled. - In Exchange Server 2007, the scope of IP Allow and Deny lists is local/server. - You can change the priority of a transport agent, not its behaviour. To do that, you would have to write your own transport agent. -- Show quoteBharat Suneja MVP - Exchange www.zenprise.com NEW blog location: exchangepedia.com/blog ---------------------------------------------- "Luka Manojlovic" <l***@news.manojlovic.net> wrote in message news:fd7pmb$6oj$1@registered.motzarella.org... > Exhange 2007, 2003 does not have IP Allow List Provider?!? Or am I wrong? > > So is it possible to tell Exchange 2007 that IPs that he can find on IP > Allow List Provider are secure sources of e-mail and e-mail is treated as > "safe" - no processing? > > Luka > > "Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message > news:921ef3pa7bp6bjd50r12n8lpdpqf79g0do@4ax.com... >> "Luka Manojlovic" <l***@news.manojlovic.net> wrote: >> >>>Do you know the command to make IPs from IP Allow List Provider to bypass >>>extra processing? - to make it the same as using IP Allow List? >> >> Command? Are you running Exchange 2007? Exchange 2003 would use the >> GUI to make the addition. >> >> -- >> Rich Matheisen >> MCSE+I, Exchange MVP >> MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm >> Don't send mail to this address mailto:h.p***@getronics.com >> Or to these, either: mailto:h.p***@pinkroccade.com >> mailto:melvin.mcphucknuc***@getronics.com >> mailto:melvin.mcphucknuc***@pinkroccade.com > > "Luka Manojlovic" <l***@news.manojlovic.net> wrote: It's a good thing to say which release/SP of Exchange you're using>Exhange 2007, 2003 does not have IP Allow List Provider?!? when you ask a question. The answers you get are often quite different based on that information. >Or am I wrong? E2K3 has no IP Whitelist Provider.>So is it possible to tell Exchange 2007 that IPs that he can find on IP The E2K7 "IP Allow List Provider" should be the equivilant of the "IP>Allow List Provider are secure sources of e-mail and e-mail is treated as >"safe" - no processing? Allow List". The difference being that one is a DNS based list and the other a static list. -- Rich Matheisen MCSE+I, Exchange MVP MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm Don't send mail to this address mailto:h.p***@getronics.com Or to these, either: mailto:h.p***@pinkroccade.com mailto:melvin.mcphucknuc***@getronics.com mailto:melvin.mcphucknuc***@pinkroccade.com Sorry, I forgot the version... Yes, I am using Exchange 2007 (without SP1
beta) Here is a trick... It does not work the same. It has different behaviour. Luka Show quote "Rich Matheisen [MVP]" <richnews@rmcons.com.NOSPAM.COM> wrote in message news:nfpgf31jpue641ucmrvn79mtsqbsvp2lcm@4ax.com... > "Luka Manojlovic" <l***@news.manojlovic.net> wrote: > >>Exhange 2007, 2003 does not have IP Allow List Provider?!? > > It's a good thing to say which release/SP of Exchange you're using > when you ask a question. The answers you get are often quite different > based on that information. > >>Or am I wrong? > > E2K3 has no IP Whitelist Provider. > >>So is it possible to tell Exchange 2007 that IPs that he can find on IP >>Allow List Provider are secure sources of e-mail and e-mail is treated as >>"safe" - no processing? > > The E2K7 "IP Allow List Provider" should be the equivilant of the "IP > Allow List". The difference being that one is a DNS based list and the > other a static list. > > -- > Rich Matheisen > MCSE+I, Exchange MVP > MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm > Don't send mail to this address mailto:h.p***@getronics.com > Or to these, either: mailto:h.p***@pinkroccade.com > mailto:melvin.mcphucknuc***@getronics.com > mailto:melvin.mcphucknuc***@pinkroccade.com "Luka Manojlovic" <l***@news.manojlovic.net> wrote: I'm afraid I won't be of much help with that. I don't use Exchange as>Sorry, I forgot the version... Yes, I am using Exchange 2007 (without SP1 >beta) > >Here is a trick... It does not work the same. It has different behaviour. a spam filter or a connection control point. While I can see the benefit of using a static (or even a dynamic) IP address block, the use of an IP address to whitelist messages from /every/ check doesn't appeal to me. I've /had/ to do that, but I don't think I've got more than 20 such IP whitelistings. I don't mind whitelisting IPs from some subset of the checks we use, but I'd much rather see the sender correct the problem. -- Rich Matheisen MCSE+I, Exchange MVP MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm Don't send mail to this address mailto:h.p***@getronics.com Or to these, either: mailto:h.p***@pinkroccade.com mailto:melvin.mcphucknuc***@getronics.com mailto:melvin.mcphucknuc***@pinkroccade.com  |
|||||||||||||||||||||||
Other interesting topics