内容筛选过程Content filtering procedures

内容筛选评估传入的邮件,以确定邮件是合法邮件还是垃圾邮件。Content filtering evaluates incoming messages to determine if a message is legitimate or spam. 有关内容筛选和内容筛选器代理的详细信息,请参阅 内容筛选For more information about content filtering and the Content Filter agent, see Content filtering.

您可以配置内容筛选的多个方面。例如:You can configure many aspects of content filtering. For example:

  • 对来自内部(经过身份验证)和外部(未经身份验证)源的邮件启用或禁用内容筛选(在默认情况下,对来自外部源的传入邮件启用)。Enable or disable content filtering on messages from internal (authenticated) and external (unauthenticated) sources (it's enabled by default for incoming messages from external sources).

  • 为特定发件人、收件人或源域配置内容筛选例外。Configure exceptions to content filtering for specific senders, recipients, and source domains.

  • 配置要在邮件中查找的允许词组和阻止词组。Configure allowed phrases and blocked phrases to look for in messages.

  • 配置垃圾邮件可信度 (SCL) 阈值,这些阈值说明内容筛选应对邮件执行何种操作(删除、解决或隔离)Configure the spam confidence level (SCL) thresholds that tell what content filtering should do to messages (delete, reject, or quarantine)

在开始之前,您需要知道什么?What do you need to know before you begin?

  • 估计完成每个步骤时间:少于 5 分钟Estimated time to complete each procedure: less than 5 minutes

  • 您必须先获得权限,然后才能执行此过程或多个过程。You need to be assigned permissions before you can perform this procedure or procedures. 若要查看所需的权限,请参阅反垃圾邮件和反恶意软件权限主题中的 "反垃圾邮件功能" 条目。To see what permissions you need, see the "Antispam feature" entry in the Antispam and antimalware permissions topic.

  • 只能使用 PowerShell 执行此过程。 若要了解如何在本地 Exchange 组织中打开 Exchange 命令行管理程序,请参阅 Open the Exchange Management ShellYou can only use PowerShell to perform this procedure. To learn how to open the Exchange Management Shell in your on-premises Exchange organization, see Open the Exchange Management Shell.

  • 默认情况下,邮箱服务器上的传输服务未启用反垃圾邮件功能。一般情况下,只有当您的 Exchange 组织在接受传入的邮件前未事先进行任何反垃圾邮件筛选时,您才需要在邮箱服务器上启用反垃圾邮件功能。有关详细信息,请参阅在邮箱服务器上启用反垃圾邮件功能By default, antispam features aren't enabled in the Transport service on a Mailbox server. Typically, you only enable the antispam features on a Mailbox server if your Exchange organization doesn't do any prior antispam filtering before accepting incoming messages. For more information, see Enable antispam functionality on Mailbox servers.

  • 若要了解本主题中的过程可能适用的键盘快捷键,请参阅 Exchange 管理中心内的键盘快捷键For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

提示

遇到问题?请访问以下 Exchange 论坛寻求帮助:Exchange ServerExchange OnlineExchange Online ProtectionHaving problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.

使用 Exchange 命令行管理程序启用或禁用内容筛选Use the Exchange Management Shell to enable or disable content filtering

若要禁用内容筛选,请运行以下命令:To disable content filtering, run the following command:

Set-ContentFilterConfig -Enabled $false

要启用内容筛选,请运行以下命令:To enable content filtering, run the following command:

Set-ContentFilterConfig -Enabled $true

备注

当禁用内容筛选时,仍会启用基础内容筛选器代理。When you disable content filtering, the underlying Content Filter agent is still enabled. 若要禁用内容筛选器代理,请运行命令Disable-TransportAgent "Content Filter Agent":。To disable the Content Filter agent, run the command: Disable-TransportAgent "Content Filter Agent".

如何判断是否生效?How do you know this worked?

若要验证您是否已成功启用或禁用内容筛选,请运行以下命令来验证 Enabled 属性值:To verify that you have successfully enabled or disabled content filtering, run the following command to verify the Enabled property value:

Get-ContentFilterConfig | Format-List Enabled

使用 Exchange 命令行管理程序对外部邮件启用或禁用内容筛选Use the Exchange Management Shell to enable or disable content filtering for external messages

默认情况下,将对外部邮件启用内容筛选功能。By default, content filtering functionality is enabled for external messages.

若要对外部邮件禁用内容筛选,请运行以下命令:To disable content filtering for external messages, run the following command:

Set-ContentFilterConfig -ExternalMailEnabled $false

若要对外部邮件启用内容筛选,请运行以下命令:To enable content filtering for external messages, run the following command:

Set-ContentFilterConfig -ExternalMailEnabled $true

如何判断是否生效?How do you know this worked?

若要验证是否对外部邮件成功启用或禁用内容筛选,请运行以下命令来验证 ExternalMailEnabled 属性值:To verify that you have successfully enabled or disabled content filtering for external messages, run the following command to verify the ExternalMailEnabled property value:

Get-ContentFilterConfig | Format-List ExternalMailEnabled

使用 Exchange 命令行管理程序为内部邮件启用或禁用内容筛选Use the Exchange Management Shell to enable or disable content filtering for internal messages

最佳做法是,不需要将反垃圾邮件筛选器应用于来自受信任合作伙伴或组织内部的邮件。经常出现筛选器误报的可能。若要降低筛选器错误处理合法电子邮件的可能性,通常应将反垃圾邮件代理配置为仅针对来自不可信源和未知源的邮件运行。As a best practice, you don't need to apply antispam filters to messages from trusted partners or from inside your organization. There's always a chance that the filters will detect false positives. To reduce the chance that filters will mishandle legitimate email messages, you should typically configure antispam agents to only run on messages from untrusted and unknown sources.

若要对内部邮件启用内容筛选,请运行以下命令:To enable content filtering for internal messages, run the following command:

Set-ContentFilterConfig -InternalMailEnabled $true

若要对内部邮件禁用内容筛选,请运行以下命令:To disable content filtering for internal messages, run the following command:

Set-ContentFilterConfig -InternalMailEnabled $false

如何判断是否生效?How do you know this worked?

若要验证是否对内部邮件成功启用或禁用了内容筛选,请运行以下命令来验证 InternalMailEnabled 属性值:To verify that you have successfully enabled or disabled content filtering for internal messages, run the following command to verify the InternalMailEnabled property value:

Get-ContentFilterConfig | Format-List InternalMailEnabled

使用 Exchange 命令行管理程序配置内容筛选的收件人和发件人例外Use the Exchange Management Shell to configure recipient and sender exceptions for content filtering

您可以指定替换现有值的收件人例外和发件人例外,或者您可以在不影响其他现有值的情况下添加或删除特定发件人例外和收件人例外。You can specify recipient and sender exceptions that replace the existing values, or you can add or remove specific sender and recipient exceptions without affecting the other existing values.

若要替换现有值,请使用以下语法:To replace the existing values, use the following syntax:

Set-ContentFilterConfig -BypassedRecipients <recipient1,recipient2...> -BypassedSenders <sender1,sender2...> -BypassedSenderDomains <domain1,domain2...>

本示例在内容筛选中配置以下例外:This example configures the following exceptions in content filtering:

  • 内容筛选不会检查收件人 laura@contoso.com 和 julia@contoso.com。The recipients laura@contoso.com and julia@contoso.com aren't checked by content filtering.

  • 内容筛选不会检查发件人 steve@fabrikam.com 和 cindy@fabrikam.com。The senders steve@fabrikam.com and cindy@fabrikam.com aren't checked by content filtering.

  • 内容筛选不会检查域 nwtraders.com 及所有子域中的所有发件人。All senders in the domain nwtraders.com and all subdomains aren't checked by content filtering.

Set-ContentFilterConfig -BypassedRecipients laura@contoso.com,julia@contoso.com -BypassedSenders steve@fabrikam.com,cindy@fabrikam.com -BypassedSenderDomains *.nwtraders.com

若要在不修改其他现有值的情况下添加或删除条目,请使用以下语法:To add or remove entries without modifying other existing values, use the following syntax:

Set-ContentFilterConfig -BypassedRecipients @{Add="<recipient1>","<recipient2>"...; Remove="<recipient1>","<recipient2>"...} -BypassedSenders @{Add="<sender1>","<sender2>"...; Remove="<sender1>","<sender2>"...} -BypassedSenderDomains @{Add="<domain1>","<domain2>"...; Remove="<domain1>","<domain2>"...}

本示例在内容筛选中配置以下例外:This example configures the following exceptions in content filtering:

  • 将 tiffany@contoso.com 和 chris@contoso.com 添加到内容筛选不检查的现有收件人列表中。Add tiffany@contoso.com and chris@contoso.com to the list of existing recipients who aren't checked by content filtering.

  • 将 joe@fabrikam.com 和 michelle@fabrikam.com 添加到内容筛选不检查的现有发件人列表中。Add joe@fabrikam.com and michelle@fabrikam.com to the list of existing senders who aren't checked by content filtering.

  • 将 blueyonderairlines.com 添加到内容筛选不检查其发件人的现有域列表中。Add blueyonderairlines.com to the list of existing domains whose senders aren't checked by content filtering.

  • 从内容筛选不检查其发件人的现有域列表中删除域 woodgrovebank.com 及所有子域。Remove the domain woodgrovebank.com and all subdomains from the list of existing domains whose senders aren't checked by content filtering.

Set-ContentFilterConfig -BypassedRecipients @{Add="tiffany@contoso.com","chris@contoso.com"} -BypassedSenders @{Add="joe@fabrikam.com","michelle@fabrikam.com"} -BypassedSenderDomains @{Add="blueyonderairlines.com"; Remove="*.woodgrovebank.com"}

如何判断是否生效?How do you know this worked?

若要验证是否已成功配置收件人例外和发件人例外,请运行以下命令来验证属性值:To verify that you have successfully configured the recipient and sender exceptions, run the following command to verify the property values:

Get-ContentFilterConfig | Format-List Bypassed*

使用 Exchange 命令行管理程序为内容筛选配置允许和阻止的短语Use the Exchange Management Shell to configure allowed and blocked phrases for content filtering

若要添加允许和阻止的词语和词组,请使用以下语法:To add allowed and blocked words and phrases, use the following syntax:

Add-ContentFilterPhrase -Influence GoodWord -Phrase <Phrase> -Influence BadWord -Phrase <Phrase>

本示例允许所有包含短语“customer feedback”的邮件。This example allows all messages that contain the phrase "customer feedback".

Add-ContentFilterPhrase -Influence GoodWord -Phrase "customer feedback"

本示例阻止所有包含短语“stock tip”的邮件。This example blocks all messages that contain the phrase "stock tip".

Add-ContentFilterPhrase -Influence BadWord -Phrase "stock tip"

若要删除允许或阻止的词组,请使用以下语法:To remove allowed or blocked phrases, use the following syntax:

Remove-ContentFilterPhrase -Phrase <Phrase>

本示例删除短语“stock tip”:This example removes the phrase "stock tip":

Remove-ContentFilterPhrase -Phrase "stock tip"

如何判断是否生效?How do you know this worked?

若要验证是否已成功配置允许和阻止的词组,请运行以下命令来验证属性值:To verify that you have successfully configured the allowed and block phrases, run the following command to verify the property values:

Get-ContentFilterPhrase | Format-Table -Auto Influence,Phrase

使用 Exchange 命令行管理程序配置内容筛选的 SCL 阈值Use the Exchange Management Shell to configure SCL thresholds for content filtering

若要配置垃圾邮件可信度 (SCL) 阈值和操作,请使用以下语法:To configure the spam confidence level (SCL) thresholds and actions, use the following syntax:

Set-ContentFilterConfig -SCLDeleteEnabled <$true | $false> -SCLDeleteThreshold <Value> -SCLRejectEnabled <$true | $false> -SCLRejectThreshold <Value> -SCLQuarantineEnabled <$true | $false> -SCLQuarantineThreshold <Value>

注意Notes:

  • 删除操作优先于拒绝操作,拒绝操作优先于隔离操作。因此,删除操作的 SCL 阈值应大于拒绝操作的 SCL 阈值,拒绝操作的 SCL 阈值又应大于隔离操作的 SCL 阈值。默认情况下仅启用拒绝操作,其 SCL 阈值为 7。The Delete action takes precedence over the Reject action, and the Reject action takes precedence over the Quarantine action. Therefore, the SCL threshold for the Delete action should be greater than the SCL threshold for the Reject action, which in turn should be greater than the SCL threshold for the Quarantine action. Only the Reject action is enabled by default, and it has the SCL threshold value 7.

  • 隔离操作需要使用垃圾邮件隔离邮箱。The Quarantine action requires a spam quarantine mailbox. 有关详细信息,请参阅配置垃圾邮件隔离邮箱For more information, see Configure a spam quarantine mailbox.

本示例为 SCL 阈值配置以下值:This example configures the following values for the SCL thresholds:

  • 启用删除操作,并且对应 SCL 阈值设置为 9。The Delete action is enabled and the corresponding SCL threshold is set to 9.

  • 启用拒绝操作,并且对应 SCL 阈值设置为 8。The Reject action is enabled and the corresponding SCL threshold is set to 8.

  • 启用隔离操作,并且对应 SCL 阈值设置为 7。The Quarantine action is enabled and the corresponding SCL threshold is set to 7.

Set-ContentFilterConfig -SCLDeleteEnabled $true -SCLDeleteThreshold 9 -SCLRejectEnabled $true -SCLRejectThreshold 8 -SCLQuarantineEnabled $true -SCLQuarantineThreshold 7

如何判断是否生效?How do you know this worked?

若要验证您是否已成功配置 SCL 阈值,请运行以下命令来验证属性值:To verify that you have successfully configured the SCL thresholds, run the following command to verify the property values:

Get-ContentFilterConfig | Format-List SCL*

使用 Exchange 命令行管理程序配置内容筛选的拒绝响应Use the Exchange Management Shell to configure the rejection response for content filtering

当启用拒绝操作时,可以自定义发送给邮件发件人的拒绝响应。拒绝响应不能超过 240 个字符。When the Reject action is enabled, you can customize the rejection response that's sent to the message sender. The rejection response can't exceed 240 characters.

若要配置自定义拒绝响应,请使用以下语法:To configure a custom rejection response, use the following syntax:

Set-ContentFilterConfig -RejectionResponse "<Custom Text>"

本示例配置内容筛选器代理以发送自定义拒绝响应。This example configures the Content Filter agent to send a customized rejection response.

Set-ContentFilterConfig -RejectionResponse "Your message was rejected because it appears to be SPAM."

您如何知道这有效?How do you know this worked?

若要验证您是否已成功配置拒绝响应,请运行以下命令来验证属性值:To verify that you have successfully configured the rejection response, run the following command to verify the property values:

Get-ContentFilterConfig | Format-List *Reject*

使用 Exchange 命令行管理程序启用或禁用 Outlook 电子邮件邮戳Use the Exchange Management Shell to enable or disable Outlook Email Postmarking

Outlook 电子邮件邮戳验证是 Microsoft Outlook 应用于传出邮件以帮助邮件系统区分合法电子邮件和垃圾邮件(减少误报)的计算证明。Outlook Email Postmarking validation is a computational proof that Microsoft Outlook applies to outgoing messages to help messaging systems distinguish legitimate email from junk email (reduce false positives). 邮戳是在 Outlook 2007 中首次引入的,默认情况下在 Outlook 中启用。Postmarking was first introduced in Outlook 2007, and is enabled in Outlook by default.

若要禁用 Outlook 电子邮件邮戳,请运行以下命令:To disable Outlook Email Postmarking, run the following command:

Set-ContentFilterConfig -OutlookEmailPostmarkValidationEnabled $false

若要启用 Outlook 电子邮件邮戳,请运行以下命令:To enable Outlook Email Postmarking, run the following command:

Set-ContentFilterConfig -OutlookEmailPostmarkValidationEnabled $true

您如何知道这有效?How do you know this worked?

若要验证您是否已成功配置 Outlook 电子邮件邮戳,请运行以下命令来验证 OutlookEmailPostmarkValidationEnabled 属性值:To verify that you have successfully configured Outlook Email Postmarking, run the following command to verify the OutlookEmailPostmarkValidationEnabled property value:

Get-ContentFilterConfig | Format-List OutlookEmailPostmarkValidationEnabled