
I am using Spamhaus SBL and Spamcop as RBL providers in Exchange 2016, which works fairly well for me. However, some connections are blocked which really shouldn't be. To prevent false positives I went on to configure IP allow list providers (list.dnswl.org to be specific).

Everything seems to be configured correctly; using Test-IPAllowListProvider returns matches for "falsely" blocked IP addresses. Yet Exchange still blocks these connections because they appear on the RBL.

How do IPAllowListProvider and IPBlockListProvider interact in connection filtering? Can I configure Exchange to accept e-mails from servers which appear on the DNS white list even when they also appear on the black list?

Rob

1 Answer


You probably want to run the following Exchange cmdlets:

```
Get-IPAllowListProvidersConfig | Format-List *Enabled
Get-IPAllowListConfig | Format-List *MailEnabled
```

Make sure that you actually have the white list providers enabled.

Assuming that looks good, try

```
Get-IPBlocklistProvider
Get-IPAllowListProvider
```

Look at the priority. If the priority of your Blocklist Provider is higher than the priority of your Allowlist Provider, that might be your problem. If you don't already have something set as priority 1, try

```
Set-IPAllowListProvider list.dnswl.org -Priority 1
```

(assuming that's what you called the provider) and see if that helps.

Katherine Villyard
  • Thanks for your suggestion. I checked that everything is enabled. The priorities are set properly. What can't be done with the -Priority command is giving, say, list.dnswl.org priority 1 and sbl.spamhaus.org priority 2 (if these are the only list providers). Automatically both will have priority 1. Somehow Exchange must internally have a way to prioritize. – Rob Nov 02 '18 at 08:42
  • I have an allowlistprovider set to Priority 1 and a blocklistprovider set to Priority 3. You might have to `Set-IPBlockListProvider sbl.spamhaus.org -Priority 2` or whatever. – Katherine Villyard Nov 02 '18 at 14:47
  • Perhaps you had some old block list providers with a higher priority which you deleted? I can't set a higher priority than the number of providers I have.... In any case, even then allow lists are ignored by my server. – Rob Nov 03 '18 at 21:16
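
The checks discussed in this thread, collected into one diagnostic as an added example (not code from the posts above). `Show-ConnectionFilterState` is a hypothetical helper name and `192.0.2.10` is a constructed documentation address. It only reports configuration and lookup results side by side; it does not change any provider.

```powershell
# Added example. Show-ConnectionFilterState is a hypothetical helper name.
# Run in the Exchange Management Shell on the server that does connection filtering.
function Show-ConnectionFilterState {
    param(
        [Parameter(Mandatory)]
        [System.Net.IPAddress]$IPAddress   # sender IP that was rejected
    )

    # 1. Are the allow/block provider features enabled, and for which mail?
    Get-IPAllowListProvidersConfig | Format-List *Enabled | Out-Host
    Get-IPBlockListProvidersConfig | Format-List *Enabled | Out-Host

    # 2. All providers in one table so Enabled and Priority can be compared.
    $providers = @(
        Get-IPAllowListProvider |
            Select-Object @{n='Kind';e={'Allow'}}, Name, LookupDomain, Enabled, Priority
        Get-IPBlockListProvider |
            Select-Object @{n='Kind';e={'Block'}}, Name, LookupDomain, Enabled, Priority
    )
    $providers | Sort-Object Kind, Priority | Format-Table -AutoSize | Out-Host

    # 3. Ask every enabled provider about the IP and print its raw answer.
    foreach ($p in $providers | Where-Object { $_.Enabled }) {
        Write-Host "$($p.Kind) provider '$($p.Name)' for ${IPAddress}:"
        if ($p.Kind -eq 'Allow') {
            Test-IPAllowListProvider -Identity $p.Name -IPAddress $IPAddress |
                Format-List | Out-Host
        } else {
            Test-IPBlockListProvider -Identity $p.Name -IPAddress $IPAddress |
                Format-List | Out-Host
        }
    }
}

# 192.0.2.10 is a constructed documentation address; substitute the blocked sender's IP.
Show-ConnectionFilterState -IPAddress 192.0.2.10
```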