Applies to: Exchange Server 2016
Topic Last Modified: 2016-03-28
Use the Install-AntispamAgents.ps1 PowerShell script to install and enable the built-in Exchange antispam agents on a Mailbox server.
The following antispam agents are available in the Transport service on Exchange 2016 Mailbox servers, but they aren’t installed by default:
- Content Filter agent
- Sender Filter agent
- Sender ID agent
- Protocol Analysis agent for sender reputation
You can install these antispam agents on a Mailbox server by using an Exchange Management Shell script, which is important if these agents are your only defense to help prevent spam. Typically, you don’t need to install the antispam agents on a Mailbox server when your organization uses other types of antispam filtering on incoming mail.
 Note: |
|---|
| Although the Recipient Filter agent is available on Mailbox servers, you shouldn’t configure it. When recipient filtering on a Mailbox server detects one invalid or blocked recipient in a message that contains other valid recipients, the message is rejected. The Recipient Filter agent is enabled when you install the antispam agents on a Mailbox server, but it isn’t configured to block any recipients. For more information, see Recipient filtering procedures on Edge Transport servers. |
- Estimated time to complete this task: 15 minutes
- You can only use PowerShell to perform this procedure. To learn how to open the Exchange Management Shell in your on-premises Exchange organization, see Open the Exchange Management Shell.
- The Connection Filtering agent and the Attachment Filtering agent aren’t available on Mailbox servers. They’re only available on Edge Transport servers, and they’re installed and enabled there by default. However, the Malware agent is installed and enabled by default on Mailbox servers. For more information, see Anti-malware protection.
- If you have other Exchange antispam agents operating on the messages before they reach the Mailbox server (for example, an Edge Transport server in the perimeter network), the antispam agents on the Mailbox server recognize the antispam X-header values that already exist in messages, and those messages pass through without being scanned again.
- You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Transport configuration” entry in the Mail flow permissions topic.
- For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.
 Tip: |
|---|
| Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection. |
Run the following command in the Exchange Management Shell on the Mailbox server:
& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1
You know this step worked if the script runs without errors and asks you to restart the Microsoft Exchange Transport service. The output looks like this:
WARNING: Please exit Windows PowerShell to complete the installation. WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport Identity Enabled Priority -------- ------- -------- Content Filter Agent True 8 WARNING: Please exit Windows PowerShell to complete the installation. WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport Sender Id Agent True 9 WARNING: Please exit Windows PowerShell to complete the installation. WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport Sender Filter Agent True 10 WARNING: Please exit Windows PowerShell to complete the installation. WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport Recipient Filter Agent True 11 WARNING: Please exit Windows PowerShell to complete the installation. WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport WARNING: The following service restart is required for the change(s) to take effect : MSExchangeTransport Protocol Analysis Agent True 12 WARNING: The agents listed above have been installed. Please restart the Microsoft Exchange Transport service for changes to take effect.
Run the following command in the Exchange Management Shell on the Mailbox server:
Restart-Service MSExchangeTransport
You know this step worked if the Microsoft Exchange Transport service restarts without errors. The output looks like this:
WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start... WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start... WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start... WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start... WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start... WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start...
You need to specify the IP addresses of every internal SMTP server that should be ignored by the Sender ID agent. In fact, you need to specify the IP address of at least one internal SMTP server. If the Mailbox server where you’re running the antispam agents is the only SMTP server in your organization, specify the IP address of that computer.
To add the IP addresses of internal SMTP servers without affecting any existing values, run the following command in the Exchange Management Shell on the Mailbox server:
Set-TransportConfig -InternalSMTPServers @{Add="<ip address1>","<ip address2>"...}
This example adds the internal SMTP server addresses 10.0.1.10 and 10.0.1.11 to the transport configuration of your organization.
Set-TransportConfig -InternalSMTPServers @{Add="10.0.1.10","10.0.1.11"}
To verify that you have successfully specified the IP address of at least one internal SMTP server, run the following command in the Exchange Management Shell on the Mailbox server, and verify that the IP address of at least one valid internal SMTP server is displayed.
Get-TransportConfig | Format-List InternalSMTPServers
- The Content Filter agent, Sender ID agent, Sender Filter agent, and Protocol Analysis (sender reputation) agent should now be installed and running on the Mailbox server. To verify this, run the following commands in the Exchange Management Shell on the Mailbox server:
Get-TransportAgent
Get-ContentFilterConfig | Format-Table Name,Enabled; Get-SenderFilterConfig | Format-Table Name,Enabled; Get-SenderIDConfig | Format-Table Name,Enabled; Get-SenderReputationConfig | Format-Table Name,Enabled
- To see detailed information about the configuration of each agent, run the following commands:
Get-ContentFilterConfig | Format-List *Enabled,RejectionResponse,*Postmark*,Bypassed*,Quarantine*;
Get-SenderFilterConfig | Format-List *Enabled,*Block*
Get-SenderIDConfig | Format-List *Enabled*,*Action,Bypassed*
Get-SenderReputationConfig | Format-List *Enabled*,*Proxy*,*Block*,*Ports*
- To configure each agent, see the following topics:
- By default, the Content Filter agent, the Sender Filter agent, and the Sender ID agent record their activities in the antispam agent log on the Mailbox server. You can verify that these antispam agents are working when information is written to the log. To see the location and configuration of the log, run the following command in the Exchange Management Shell on the Mailbox server:
Get-TransportService | Format-List AgentLog*
For instructions on how to configure the log, see Configure anti-spam agent logging.
https://technet.microsoft.com/en-us/library/bb201691(v=exchg.160).aspx
Home