Okay, I'm coming up empty on this one, so I'd love to a) hear that I'm doing it wrong; b) know how other people are handling this, or c) get a clue-by-four to the right side of my sleep-deprived head.
We're at Exchange 2010 SP1 RU6 with Forefront for Exchange 2010. We have edge transports deployed. On the edges, Forefront is performing anti-spam duties using the Cloudmark engine (as well as anti-malware, etc.). Forefront is set to reject messages with an SCL rating of 9; SCLs of 5-8 is delivered to the Junk Mail folder, and 0-4 is put in the Inbox. Safe- and Blocked Senders List aggregation works just fine. Anyway, I have a user who is on a mailing list and is having trouble receiving some of the messages sent to said list because they're coming in with an SCL of 9 and are thus being rejected. Our HelpDesk told her to put right-click the message in Outlook and choose Junk --> Never Block Sender, which puts the address on the user's Safe Senders list. Fine...except this didn't work for the user, because this is a list, and the list's address--which was the address added to the Safe Senders list--is actually in the Sender header, not the From header; the From header being what FPE and Exchange both use when doing Safe Sender lookups (from what I understand). So the HelpDesk tells her instead to use the "Never block this Group or Mailing list" option in Outlook (on my recommendation), which adds the listserv's email address to the user's Safe Recipients list (since the list address is in the To header). Again, fine...except this apparently didn't work for her either, and I'm not sure why not. I've been trying this with a list I'm on where I know I'm not receiving some emails but haven't really cared (the aper list, which sends an email for every numbered commit; I can tell that a message was rejected easily because some commit emails are missing). On page 14 of the "Forefront Protection 2010 for Exchange Server Antispam Framework"[1] it says, "During the antispam scanning of incoming mail, FPE antispam agents will aggregate per-recipient Safe Senders, Safe Recipients, and Blocked Senders information and act accordingly." I can see that the msExchSafeRecipientsHash attribute is being pushed to the edges' AD-LDS instances. However, it doesn't seem like the Safe Recipients list is being honored at all. Does anyone have any light they can shine on this? I can't imagine this is how it's supposed to work... Thanks! [1] http://goo.gl/MZyqx --- Seth --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist