PureMessage for Microsoft Exchange: how to configure for the best spam capture rates

  • Article ID: 23463
  • Updated: 16 Dec 2013


To ensure that your PureMessage for Microsoft Exchange server is configured to get the best possible spam capture rates:

  • ensure that PureMessage and Sophos Anti-Virus are up to date
  • configure trusted relays. For more information about trusted relays, see below.
  • check that your DNS servers are correctly configured, as described below.

What to do

1. Ensure that PureMessage and Sophos Anti-Virus are up to date

  1. Check PureMessage and Sophos Anti-Virus to ensure that you have the latest versions installed.
  2. If you do not have the latest versions installed, you should upgrade now.

2. Configure trusted relays

  1. In the PureMessage console tree, click Jobs|Mail (SMTP). Select the Spam tab.
  2. At the bottom right hand side of the panel, click 'Specify trusted relays'.
  3. In the 'Trusted relays list' window, select 'Add'.
    You will use this dialog box to add the IP addresses of what you consider to be trusted relays. These would normally include
      • your ISP's SMTP server
      • any email gateway servers that email passes through within your network
  4. In the dialog box, enter an IP address or a range of IP addresses for your trusted relays.
  5. Ensure that 'Check only the first external relay against DNS block lists' is selected. Click OK.
  6. At the bottom left on the Spam tab, ensure that 'Check message relays against DNS block lists' is selected. Click OK|Apply.

3. Check that your listed DNS servers are correctly configured and working

    1. From Windows Control Panel, navigate, to the 'Internet Protocol (TCP/IP) Properties' dialog box. (How you get to this will vary according to your operating system. If you are unsure, consult your Windows Help/documentation.)
    2. Click 'Advanced' to display the 'Advanced TCP/IP Settings' dialog box.
    3. Select the 'DNS' tab, and from here identify if any of the listed DNS servers are not responding or not resolving names correctly.
    4. Highlight the DNS servers which are not responding or resolving names, and click 'Remove'.
    5. Click 'OK'.

What is a trusted relay?

An email relay is a type of server used to pass email from one point of the internet to another. Each email contains a list of the email relays it passes through on the Internet. This includes the email server used to send the email - the originating email server.

A trusted relay is a known email server that sends or forward emails to PureMessage. Typical examples of trusted relays include your ISP's SMTP server and any email relays located on your network which are upstream to your PureMessage server(s). These servers can be trusted because they are highly unlikely to be the source of spam email. It is important to understand that servers on the trusted relay list will still relay spam email but are unlikely to be the originating source of the spam.

By default PureMessage will run a reputation check on each email server address specified in an email. When a server is added to the trusted relay list the reputation check for that server is skipped, because the server is "trusted". This has a positive impact on the email scanning speed because a lower volume of reputation checks have to be carried out. It also enables the spam engine to be more deterministic when it matches an email server's address against the known list of spamming email servers. Therefore a higher spam score can be allocated to the email when a match is found.

For more information on how to configure PureMessage refer to the PureMessage user manual.

Another knowledgebase article contains more information on troubleshooting spam blocking on version 3.0 of PureMessage for Microsoft Exchange.

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments