Forum Discussion
laomashitu
Sep 14, 2023Copper Contributor
how to block sender with empty email address?
hi all,
i have installed the exchange 2016 antispam functionality on mailbox server and it have all succeeded.
but i still can see some junk email in the queue viewer. these emails have one feature that their sender email address is blank. how to block it?
i copied the details of the email as below:
Identity: WinEXCH\6710\26109106192387
Subject: 未送达: Wa个人贷-企业贷,花黑白户均可办理,V十ffe2013正规可靠wbSCjNjeMlgpQ
Internet Message ID: <email address removed for privacy reasons>
From Address: <>
Status: 重试
Size (KB): 14
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 2023/9/13 22:05:32
Expiration Time: 2023/9/15 22:05:32
Last Error: 454 4.7.1 <email address removed for privacy reasons>: Relay access denied
Queue ID: *****\6710
Recipients: email address removed for privacy reasons;3;2;[{LED=454 4.7.1 <email address removed for privacy reasons>: Relay access denied};{MSG=};{FQDN=};{IP=};{LRT=}];0;CN=*******-outbound,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=SH ******,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=shluoman,DC=cn;0
- LeonPavesicSilver Contributor
Hi laomashitu,
when dealing with the issue of blocking emails with blank sender addresses in Exchange 2016 Server, it's important to have a rounded approach to email security. Here is what you can do:
1. Use Connection Filtering:
- Think of this as creating a list of trusted and untrusted sources. Configure Exchange to block emails from known suspicious sources or IP addresses frequently associated with blank sender emails.
Configure the default connection filter policy | Microsoft Learn2. Enable Recipient Filtering:
- This is like a gatekeeper checking if the mail is addressed to a valid recipient. By enabling this, you can prevent emails with blank or invalid recipient addresses from reaching your inbox.
Recipient filtering procedures on Edge Transport servers | Microsoft Learn3. Consider Sender Reputation:
- Think of this as checking someone's reputation before allowing them into your home. Use sender reputation filtering if available in your anti-spam solution to assess the trustworthiness of the sender's IP address.
Sender reputation procedures | Microsoft Learn4. Set Up Content Filtering:
- it is important to having a filter that screens out certain words or phrases. Create content filtering rules to catch spammy content even in emails with blank senders.
Content filtering procedures | Microsoft Learn5. Keep Everything Updated:
- Keep your anti-spam solution up to date with the latest spam detection techniques and rules.Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
- laomashituCopper Contributor
are there any other ways to prevent the blank email address except the powerhsell set-senderfileterconfig, while i have enabled it, but exchange 2016 cannot prevent it.
- laomashituCopper Contributor
many thanks for your help, under your guidance.
last night i have done the block action with powershell, and it succedded.
[PS] C:\Windows\system32>Set-SenderFilterConfig -BlankSenderBlockingEnabled $true
[PS] C:\Windows\system32>Get-SenderFilterConfig |fl blanksenderblockingenabled
BlankSenderBlockingEnabled : Truehowever, i checked the exchange server this morning and still find an email sent with blank email address this morning at
Date Received: 2023/9/15 0:21:07
is it the function blanksenderblocking not working or any other else factor?
i pasted the email head below, i highlight the sender and recipients with red. obviously the recipients address is not our domain. apparently this is an jungle email.
Identity: ******\6534\26220775342086
Subject: 未送达: 【ETC】重要なお知らせ
Internet Message ID: <ae14d689-fffc-445f-80e5-0ddc2aa85bf3@*****.***.cn>
From Address: <>
Status: 就绪
Size (KB): 18
Message Source Name: DSN
Source IP: 255.255.255.255
SCL: -1
Date Received: 2023/9/15 0:21:07
Expiration Time: 2023/9/17 0:21:07
Last Error: 400 4.4.7 Message delayed
Queue ID: ******\6534
Recipients: email address removed for privacy reasons;2;2;[{LED=400 4.4.7 Message delayed};{MSG=};{FQDN=};{IP=};{LRT=}];0;CN=Luoman-outbound,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=SH Luoman,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=shluoman,DC=cn;0- laomashituCopper Contributoremail address removed for privacy reasons this is the recipients' email address, it was removed by the privacy reason.