发件人筛选过程Sender filtering procedures

发件人筛选通过将阻止的发件人列表与 SMTP 连接中的MAIL FROM命令的值进行比较来筛选入站邮件。Sender filtering filters inbound messages by comparing a list of blocked senders to the value of the MAIL FROM command in SMTP connections. 有关发件人筛选和发件人筛选器代理的详细信息,请参阅发件人筛选For more information about sender filtering and the Sender Filter agent, see Sender filtering.

您可以配置发件人筛选的多个方面。You can configure many aspects of sender filtering. 例如:For example:

  • 对来自内部(经过身份验证)和外部(未经身份验证的)源的入站邮件启用或禁用发件人筛选(默认情况下为来自外部源的邮件启用)。Enable or disable sender filtering on inbound messages from internal (authenticated) and external (unauthenticated) sources (it's enabled by default for messages from external sources).

  • 配置阻止的发件人和阻止的域。Configure blocked senders and blocked domains.

  • 指定是否阻止发件人为空的邮件。Specify whether to block messages with blank senders.

  • 配置发件人筛选对包含阻止的发件人或域的邮件所执行的操作。Configure the action that sender filtering takes on messages that contain blocked senders or domains.

在开始之前,您需要知道什么?What do you need to know before you begin?

  • 估计完成每个步骤时间:5 分钟Estimated time to complete each procedure: 5 minutes

  • 您必须先获得权限,然后才能执行此过程或多个过程。You need to be assigned permissions before you can perform this procedure or procedures. 若要查看所需的权限,请参阅反垃圾邮件和反恶意软件权限主题中的 "反垃圾邮件功能" 条目。To see what permissions you need, see the "Antispam features" entry in the Antispam and antimalware permissions topic.

  • 只能使用 PowerShell 执行此过程。 若要了解如何在本地 Exchange 组织中打开 Exchange 命令行管理程序,请参阅 Open the Exchange Management ShellYou can only use PowerShell to perform this procedure. To learn how to open the Exchange Management Shell in your on-premises Exchange organization, see Open the Exchange Management Shell.

  • 默认情况下,邮箱服务器上的传输服务未启用反垃圾邮件功能。一般情况下,只有当您的 Exchange 组织在接受传入的邮件前未事先进行任何反垃圾邮件筛选时,您才需要在邮箱服务器上启用反垃圾邮件功能。有关详细信息,请参阅在邮箱服务器上启用反垃圾邮件功能By default, antispam features aren't enabled in the Transport service on a Mailbox server. Typically, you only enable the antispam features on a Mailbox server if your Exchange organization doesn't do any prior antispam filtering before accepting incoming messages. For more information, see Enable antispam functionality on Mailbox servers.

  • 若要了解本主题中的过程可能适用的键盘快捷键,请参阅 Exchange 管理中心内的键盘快捷键For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

提示

遇到问题?请访问以下 Exchange 论坛寻求帮助:Exchange ServerExchange OnlineExchange Online ProtectionHaving problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.

使用 Exchange 命令行管理程序启用或禁用发件人筛选Use the Exchange Management Shell to enable or disable sender filtering

若要禁用发件人筛选,请运行以下命令:To disable sender filtering, run the following command:

Set-SenderFilterConfig -Enabled $false

若要启用发件人筛选,请运行以下命令:To enable sender filtering, run the following command:

Set-SenderFilterConfig -Enabled $true

备注

当禁用发件人筛选时,仍会启用基础发件人筛选器代理。When you disable sender filtering, the underlying Sender Filter agent is still enabled. 若要禁用发件人筛选器代理,请运行命令: Disable-TransportAgent "Sender Filter Agent"To disable the Sender Filter agent, run the command: Disable-TransportAgent "Sender Filter Agent".

如何判断是否生效?How do you know this worked?

若要验证您是否已成功启用或禁用发件人筛选,请运行以下命令来验证enabled属性值:To verify that you have successfully enabled or disabled sender filtering, run the following command to verify the Enabled property value:

Get-SenderFilterConfig | Format-List Enabled

使用 Exchange 命令行管理程序启用或禁用外部连接的发件人筛选Use the Exchange Management Shell to enable or disable sender filtering for external connections

默认情况下,对外部(未经身份验证) SMTP 连接启用发件人筛选。By default, sender filtering is enabled for external (unauthenticated) SMTP connections.

若要禁用对外部连接的发件人筛选,请运行以下命令:To disable sender filtering for external connections, run the following command:

Set-SenderFilterConfig -ExternalMailEnabled $false

若要对外部连接启用发件人筛选,请运行以下命令:To enable sender filtering for external connections, run the following command:

Set-SenderFilterConfig -ExternalMailEnabled $true

如何判断是否生效?How do you know this worked?

若要验证您是否已成功启用或禁用外部 SMTP 连接的发件人筛选,请运行以下命令来验证ExternalMailEnabled属性值:To verify that you have successfully enabled or disabled sender filtering for external SMTP connections, run the following command to verify the ExternalMailEnabled property value:

Get-SenderFilterConfig | Format-List ExternalMailEnabled

使用 Exchange 命令行管理程序为内部连接启用或禁用发件人筛选Use the Exchange Management Shell to enable or disable sender filtering for internal connections

最佳做法是,不要将反垃圾邮件筛选器应用于来自受信任合作伙伴或组织内部的邮件。若要降低筛选器错误处理合法电子邮件的可能性,通常应将反垃圾邮件代理配置为仅针对来自外部源的邮件运行。As a best practice, you don't need to apply antispam filters to messages from trusted partners or from inside your organization. To reduce the chance that filters will mishandle legitimate email messages, you typically configure antispam agents to only run on messages from external sources.

若要对内部(经过身份验证) SMTP 连接启用发件人筛选,请运行以下命令:To enable sender filtering for internal (authenticated) SMTP connections, run the following command:

Set-SenderFilterConfig -InternalMailEnabled $true

若要禁用内部连接的发件人筛选,请运行以下命令:To disable sender filtering for internal connections, run the following command:

Set-SenderFilterConfig -InternalMailEnabled $false

如何判断是否生效?How do you know this worked?

若要验证您是否已成功启用或禁用内部 SMTP 连接的发件人筛选,请运行以下命令来验证InternalMailEnabled属性值:To verify that you have successfully enabled or disabled sender filtering for internal SMTP connections, run the following command to verify the InternalMailEnabled property value:

Get-SenderFilterConfig | Format-List InternalMailEnabled

使用 Exchange 命令行管理程序为发件人筛选配置阻止的发件人和域Use the Exchange Management Shell to configure blocked senders and domains for sender filtering

您可以指定被阻止的发件人和域替换现有值,也可以在不影响其他现有值的情况下添加或删除特定的阻止发件人和域。You can specify blocked senders and domains that replace the existing values, or you can add or remove specific blocked senders and domains without affecting the other existing values.

若要替换现有值,请使用以下语法:To replace the existing values, use the following syntax:

Set-SenderFilterConfig -BlockedSenders <sender1,sender2...> -BlockedDomains <domain1,domain2...> -BlockedDomainsAndSubdomains <domain1,domain2...>

此示例将配置发件人筛选器代理,以阻止来自 kim@contoso.com 和 john@contoso.com 的邮件、来自 fabrikam.com 域的邮件以及来自 northwindtraders.com 及其所有子域的邮件。This example configures the Sender Filter agent to block messages from kim@contoso.com and john@contoso.com, messages from the fabrikam.com domain, and messages from northwindtraders.com and all its subdomains.

Set-SenderFilterConfig -BlockedSenders kim@contoso.com,john@contoso.com -BlockedDomains fabrikam.com -BlockedDomainsAndSubdomains northwindtraders.com

若要在不修改其他现有值的情况下添加或删除条目,请使用以下语法:To add or remove entries without modifying other existing values, use the following syntax:

Set-SenderFilterConfig -BlockedSenders @{Add="<sender1>","<sender2>"...; Remove="<sender1>","<sender2>"...} -BlockedDomains @{Add="<domain1>","<domain2>"...; Remove="<domain1>","<domain2>"...} -BlockedDomainsAndSubdomains @{Add="<domain1>","<domain2>"...; Remove="<domain1>","<domain2>"...}

本示例将使用以下信息配置发件人筛选器代理:This example configures the Sender Filter agent with the following information:

  • 将 chris@contoso.com 和 michelle@contoso.com 添加到被阻止的现有发件人列表。Add chris@contoso.com and michelle@contoso.com to the list of existing senders who are blocked.

  • 从被阻止的现有发件人域列表中删除 tailspintoys.com。Remove tailspintoys.com from the list of existing sender domains that are blocked.

  • 将 blueyonderairlines.com 添加到被阻止的现有发件人域和子域列表。Add blueyonderairlines.com to the list of existing sender domains and subdomains that are blocked.

Set-SenderFilterConfig -BlockedSenders @{Add="chris@contoso.com","michelle@contoso.com"} -BlockedDomains @{Remove="tailspintoys.com"} -BlockedDomainsAndSubdomains @{Add="blueyonderairlines.com"}

如何判断是否生效?How do you know this worked?

若要验证是否已成功配置阻止的发件人,请运行以下命令来验证属性值:To verify that you have successfully configured blocked senders, run the following command to verify the property values:

Get-SenderFilterConfig | Format-List Blocked*

使用 Exchange 命令行管理程序配置发件人筛选以阻止发件人为空的邮件Use the Exchange Management Shell to configure sender filtering to block messages with blank senders

若要启用或禁用阻止发件人为空的邮件,请使用以下语法:To enable or disable blocking messages that have blank senders, use the following syntax:

Set-SenderFilterConfig -BlankSenderBlockingenabled <$true | $false>

本示例配置发件人筛选器代理,以阻止未在MAIL FROM: SMTP 命令中指定发件人的邮件:This example configures the Sender Filter agent to block messages that don't specify a sender in the MAIL FROM: SMTP command:

Set-SenderFilterConfig -BlankSenderBlockingEnabled $true

如何判断是否生效?How do you know this worked?

若要验证您是否已成功启用或禁用阻止发件人为空的邮件,请运行以下命令来验证属性值:To verify that you have successfully enabled or disabled blocking messages with blank senders, run the following command to verify the property value:

Get-SenderFilterConfig | Format-List BlankSenderBlockingEnabled

使用 Exchange 命令行管理程序配置发件人筛选操作Use the Exchange Management Shell to configure the action for sender filtering

通常情况下,您希望拒绝来自被阻止的发件人或域的邮件,这是默认操作。Typically, you want to reject messages from blocked senders or domains, and this is the default action. 但是,您可以配置发件人筛选以允许其他反垃圾邮件代理进一步分析这些邮件到您的组织中。However, you can configure sender filtering to allow these message into your organization for further analysis by other antispam agents.

若要配置发件人筛选对来自阻止的发件人或域的邮件所采取的操作,请使用以下语法:To configure the action that sender filtering takes on messages from blocked senders or domains, use the following syntax:

Set-SenderFilterConfig -Action <Reject | StampStatus>

本示例将发件人筛选器代理配置为允许来自被阻止的发件人或域的邮件。This example configures the Sender Filter agent to allow messages from blocked senders or domains. 发件人筛选器代理将更新邮件,以表明它来自被阻止的发件人。The Sender Filter agent updates the message to indicate that it came from a blocked sender. 此信息用于计算邮件的垃圾邮件信任级别(SCL)。This information is used in the calculation of the message's spam confidence level (SCL).

Set-SenderFilterConfig -Action StampStatus

本示例将发件人筛选器代理配置为拒绝来自被阻止的发件人或域的邮件。This example configures the Sender Filter agent to reject messages from blocked senders or domains. 发件人筛选器代理会拒绝 smtp 会话错误的 SMTP 请求 554 5.1.0 Sender Denied ,并关闭该连接。The Sender Filter agent rejects the SMTP request with a 554 5.1.0 Sender Denied SMTP session error and closes the connection.

Set-SenderFilterConfig -Action Reject

如何判断是否生效?How do you know this worked?

若要验证是否已成功配置发件人筛选操作,请运行以下命令来验证action属性值:To verify that you have successfully configured the action for sender filtering, run the following command to verify the Action property value:

Get-SenderFilterConfig | Format-List Action

使用 Exchange 命令行管理程序为来自安全列表聚合的阻止发件人配置发件人筛选操作Use the Exchange Management Shell to configure the action for sender filtering for blocked senders from SafeList aggregation

安全列表聚合将在 Microsoft Outlook 或 web 上的 Outlook 中的用户定义的阻止发件人添加到发件人筛选器代理使用的阻止发件人列表。SafeList aggregation adds blocked senders that are defined by your users in Microsoft Outlook or Outlook on the web to the Blocked Senders list that's used by the Sender Filter agent. 有关详细信息,请参阅安全列表聚合For more information, see Safelist aggregation.

若要配置发件人筛选对包含由安全列表聚合定义的阻止发件人的邮件采取的操作,请使用以下语法:To configure the action that sender filtering takes on messages that contain blocked senders that are defined by SafeList aggregation, use the following syntax:

Set-SenderFilterConfig -RecipientBlockedSenderAction <Delete | Reject>

本示例将发件人筛选器代理配置为无提示地删除包含由安全列表聚合定义的阻止发件人的邮件。This example configures the Sender Filter agent to silently drop messages that contain blocked senders that are defined by SafeList aggregation.

Set-SenderFilterConfig -RecipientBlockedSenderAction Delete

本示例将发件人筛选器代理配置为拒绝包含由安全列表聚合(也称为 NDR、传递状态通知、DSN 或退回邮件)定义的阻止发件人的邮件。This example configures the Sender Filter agent to reject messages that contain blocked senders that are defined by SafeList aggregation with a non-delivery report (also known as an NDR, delivery status notification, DSN or bounce message).

Set-SenderFilterConfig -RecipientBlockedSenderAction Reject

如何判断是否生效?How do you know this worked?

若要验证是否已成功为来自安全列表聚合的阻止发件人的发件人筛选配置操作,请运行以下命令来验证RecipientBlockedSenderAction属性值:To verify that you have successfully configured the action for sender filtering for blocked senders from SafeList aggregation, run the following command to verify the RecipientBlockedSenderAction property value:

Get-SenderFilterConfig | Format-List RecipientBlockedSenderAction