Perform the following steps in the Management Console tree:
To configure the use of external anti-spam message scanning services for an unassigned Security Server, maximize the node of the relevant Security Server.
To configure the use of external anti-spam message scanning services for Security Servers belonging to a profile, maximize the Profiles node and inside it maximize the node of the profile for whose Security Servers you want to configure the use of external anti-spam message scanning services.
Select the Server protection node.
In the workspace, on the Protection for the Transport Hub role tab, expand the Using external Anti-Spam services configuration section.
Select the Use external resources for spam scan check box if you want the application to consider the IP address and URL scan results of these services during anti-spam analysis.
If you want to use your own list of DNS names of servers providing denylists of DNS names and assign them weighting coefficients, select the Use set of DNSBL black lists check box. To generate a custom list:
If you want to add an entry to the custom list, specify the DNS name of the server and its weighting coefficient in the corresponding fields and click the button.
If you want to delete an entry from the custom list, click the button.
If you want to import a custom list, click the button.
If you want to export a custom list, click the button.
If you want to use your own list of SURBL names of servers providing denylists of URLs and assign them weighting coefficients, select the Use set of SURBL black lists check box. To generate a custom list:
If you want to add an entry to the custom list, specify the DNS name of the server and its weighting coefficient in the corresponding fields and click the button.
If you want to remove a record, click the button.
If you want to import a custom list, click the button.
If you want to export a custom list, click the button.
To enable a reverse DNS lookup of the sender's IP address, select the Check sender IP for presence in DNS check box.
To enable the use of SPF technology, select the Use SPF, DKIM, and DMARC technologies check box.
Together with SPF technology, DKIM and DMARC technologies are also used.
If you want the application to check if the sender's IP address belongs to a botnet based on its reverse DNS zone, select the Check if sender's IP address is dynamic check box.
If the check result is positive, the spam rating of the message is increased.
In the Maximum DNS request timeout spin box, specify the maximum waiting time in seconds.
The default value is 5 sec. After timeout, the application scans the message for spam without checking if the sender's IP address belongs to a dynamic DNS.