I had a user ask me a question about why a user in thier safe sender was sent to thier junk mail, so I honestly had to sit down a moment and look at why this happend. After brain frying a few minutes I was reminded that in Exchange 2007 this is a manul process to sync that safe list into AD. Yeah that kinda sucks but its the method we have to use today.

So how does Safe List aggregation work?

When a user adds items to thier safe list 2 attributes can get updated in AD depending if its a safe recipient or safe sender.

msExchSafeRecipientsHash – This attribute stores the hash of the Safe Recipients List collection for the user.
msExchSafeSendersHash – This attribute stores the hash of the Safe Senders List collection for the user.

Lets take a look at these properties:
1. Open ADSIEdit
2. domain
3. select a users
4. find the msExchSafeRecipientsHash

We can see the value is “NOT SET”

Lets logon to Brian’s mailbox in OWA

1. Logon to mailbox
2. Select Options
3. Junk

Notice all the sections are grayed out, this is because we need to set the option to enable junk filtering.

Select the radius button “Automatically filter junk email”

Save the settings.

Now Lets add a user to our safe recipients list:

1. Under Manage Safe Recipients List select ADD

2. Input the users email address you want to add, in this case I used John.Smith@madeup.com

Now that the user has done thier part its time for the administrator to actually make this functional.

I am going to run this for just the Brian’s account in the example however you would really want to run this against all users mailboxes

1. Open EMS
2. Update-Safelist Brian.Tirch -type both
** by default this command will run only safe senders if do not use the -type switch and specify both or saferecipients.

now lets check in ADSI to see if anything has changed

Notice the information was not updated, why?

Did you install the anti spam agents in the org and enable content filtering?

To install the anti spam agents run the built in scrip install-antispamagents.ps1
or see my posting on anti spam http://exchange-genie.blogspot.com/2007/12/exchange-2007-anti-spam.html

Now lets check our properties in ADSI

we no longer have an empty value but a hashed value

Since this is not an automatic process an Admin would need to create a schedule task to run nightly to update the users information on a regular basis. The two articles below can assist with scheduling this to run against all users nightly.


Safe list aggregation

good dick movie ending superhero movie women movie batman gotham knight crash movie miracle at st anna new movie dark honeymoon movie extras dead like me movie trivia alive or dead eldest movie living hell movie actors 10 items or less movie costumes backwoods the changeling movie