In Exchange Server 2003, Microsoft introduces several new features that have become necessary in today's enterprise messaging environment, including a set of filtering capabilities designed to protect Exchange against unsolicited commercial email (UCE—aka spam). Exchange 2003's recipient filtering, sender filtering, restricted groups, and restricted recipients features let you specify which senders and receivers can exchange messages across your Exchange environment. To get the most out of these features, you need to understand how they work, when to apply them, and how to configure them. (Connection filtering, a feature new to Exchange 2003 that uses Real-Time Block Lists—RBLs—to check incoming connections for known spammers, has been discussed elsewhere. For information about RBLs, see The Exchange Server Troubleshooter, "Exploring Exchange Server 2003's Spam-Filtering Capabilities," November 2003, http://www.winnetmag.com/microsoftexchangeoutlook, InstantDoc ID 40067.)
Recipient Filtering
Exchange 2000 Server lets you use Recipient Policies to define the domains for which the server will accept messages. Although these policies work well, they open a hole in the messaging service that a spammer can exploit. For example, if a spammer determines that your organization accepts email for hp.com or compaq.com, the spammer can simply generate email targeting those domains and send unwanted messages into your environment. In most forms, spam is just a nuisance, but it can also transport viruses or malicious information. . . .
Amit Kumar December 05, 2003