How to Create Custom Error Notifications for IP Block List Providers in Exchange 2007

Tuesday, August 25, 2009

This doesn't seem to be documented anywhere in Microsoft TechNet, so I figured I'd write up a post about it.

IP Block List Providers in Exchange 2007 are a means to reduce spam from entering your organization. They are configured on the Edge Transport servers, which is detailed in TechNet here. This article explains how to use variables to create a custom error message when an email is rejected by an IP Block List filter.

In Exchange 2003, you can pass parameters to the custom error message using the %0, %1 and %2 variables.

  • %0 = IP address of the sending mail server
  • %1 = Rule name of the connection filter (Provider name)
  • %2 = The RBL provider (Lookup domain)

In Exchange 2007 the variables are the same, but the way you call the variables has changed.

  • {0} = IP address of the sending mail server
  • {1} = Rule name of the connection filter (Provider name)
  • {2} = The RBL provider (Lookup domain)

Using these variables we can craft more helpful error messages, in the event that a real person (not a spammer) is blocked by your block list (aka, RBL) provider.

In the custom error message example above, the following error message would be returned from blocked server 127.0.0.1:

Host 127.0.0.1 was blocked by Trend Micro Email Reputation Services (ERS). Please see http://www.mail-abuse.com/cgi-bin/lookup/cgi-bin?ip_address=127.0.0.1