发件人筛选Sender filtering

发件人筛选将由 Exchange 管理员维护的阻止发件人列表与 SMTP 连接中 MAIL FROM 命令的值进行比较,来确定如何处理来自阻止发件人的入站电子邮件。Sender filtering compares a list of blocked senders that's maintained by the Exchange administrator to the value of the MAIL FROM command in SMTP connections to determine what to do with inbound email messages from those blocked senders. Exchange Server 中的发件人筛选由发件人筛选器代理提供,并基本上在 Exchange Server 2010 中保持不变。Sender filtering in Exchange Server is provided by the Sender Filter agent, and is basically unchanged from Exchange Server 2010.

您可以配置发件人筛选器代理阻止单个发件人(如 kim@contoso.com)、整个域 (contoso.com) 或域和所有子域 (*.contoso.com)。您可以控制代理是否检查来自内部源和/或外部源的邮件。您还可以配置对来自受阻止发件人的邮件执行的操作:You can configure the Sender Filter agent block single senders (for example, kim@contoso.com), whole domains (contoso.com), or domains and all subdomains (*.contoso.com). You can control whether the agent inspects messages from internal sources, external sources, or both. You can also configure the action to take on messages from blocked senders:

  • 拒绝:发件人筛选器代理将拒绝 smtp 请求554 5.1.0 Sender Denied ,并关闭 smtp 会话错误并关闭该连接。Reject: The Sender Filter agent rejects the SMTP request with a 554 5.1.0 Sender Denied SMTP session error and closes the connection.

  • 图章状态:发件人筛选器代理接受邮件并更新邮件,以指示邮件来自被阻止的发件人。Stamp status: The Sender Filter agent accepts the message and updates the message to indicate that it came from a blocked sender. 内容筛选器代理在计算邮件的垃圾邮件可信度 (SCL) 时,会使用此信息。The Content Filter agent uses this information when it calculates the spam confidence level (SCL) of the message. 有关内容筛选和内容筛选器代理的详细信息,请参阅 内容筛选For more information about content filtering and the Content Filter agent, see Content filtering.

默认情况下,发件人筛选器代理是在边缘传输服务器上启用的,但您可以在邮箱服务器上启用它。By default, the Sender Filter agent is enabled on Edge Transport servers, but you can enable it on Mailbox servers. 有关详细信息,请参阅在邮箱服务器上启用反垃圾邮件功能For more information, see Enable antispam functionality on Mailbox servers.

有关如何配置发件人筛选器代理的详细信息,请参阅发件人筛选过程For more information about how to configure the Sender Filter agent, see Sender filtering procedures.

重要

MAIL FROM: SMTP 邮件头可能带欺骗性质,因此,不应只依靠发件人筛选器代理。The MAIL FROM: SMTP headers can be spoofed, so you shouldn't rely exclusively on the Sender Filter agent. 而是应配合使用发件人筛选器代理和发件人 ID 代理。Instead, you should use both the Sender Filter agent and the Sender ID agent. 发件人 ID 代理使用发送服务器的来源 IP 地址来验证 MAIL FROM: SMTP 邮件头中的域与已注册的域是否匹配。The Sender ID agent uses the originating IP address of the sending server to verify that the domain in the MAIL FROM: SMTP header matches the domain that's registered. 有关发件人 ID 代理的详细信息,请参阅发件人 idFor more information about the Sender ID agent, see Sender ID.

使用发件人筛选器代理阻止邮件Using the Sender Filter agent to block messages

默认情况下,发件人筛选器代理被配置为只检查来自外部源的邮件。外部源定义为未通过身份验证的来源。您可以将发件人筛选器代理配置为检查来自内部(经过身份验证的)源的邮件。但是,最佳做法是,不需要将反垃圾邮件筛选器应用于来自受信任合作伙伴或组织内部的电子邮件。By default, the Sender Filter agent is configured to only inspect messages from external sources. External sources are defined as unauthenticated sources. You can configure the Sender Filter agent to inspect messages from internal (authenticated) sources. However, as best practice, you typically don't need to apply antispam filters to messages from trusted partners or from inside your organization.

您还可以配置发件人筛选器代理,以阻止未在 MAIL FROM SMTP 命令中指定发件人和域的入站邮件。此功能可帮助阻止 Exchange 服务器受到 NDR 攻击。大多数合法 SMTP 邮件都来自在 MAIL FROM 命令中提供发件人和域的 SMTP 服务器。You can also configure the Sender Filter agent to block inbound messages that don't specify a sender and domain in the MAIL FROM SMTP command. This setting helps to prevent NDR attacks on the Exchange server. Most legitimate SMTP messages come from SMTP servers that provide a sender and domain in the MAIL FROM command.

指定对来自阻止的发件人的邮件的操作Specify the action for messages from blocked senders

已配置发件人筛选器代理监视的阻止的发件人和来源后,您需要配置发件人筛选器代理拒绝或接受以及标记来自那些发件人的邮件。我们建议您拒绝那些邮件,因为在阻止的发件人的特定列表基础上误报的可能性要比其他计算了邮件属性后得到的误报少得多。After you've configured the blocked senders and the sources that are monitored by the Sender Filter agent, you need to configure the Sender Filter agent to reject or accept and stamp messages from those senders. We recommend that you reject the messages, because the chance of false positives based on the specific list of blocked senders is much less than other calculated message properties.

只有在下面两种情况下,发件人筛选器代理才可能拒绝合法邮件:There are only two scenarios where a legitimate message might be rejected by the Sender Filter agent:

  • 您键入的阻止的发件人有误。You mistype the blocked sender.

  • 您的阻止的发件人列表中的域后来被重新注册到一家合法公司。The domain in your Blocked Senders list is later re-registered to a legitimate company.