Exchange 2007 safe list aggregation

You can give Exchange 2007 a little spam-fighting help by enlisting all the copies of Outlook on your client’s network.

Each time a user rescues a message from the Junk Mail folder, they add it to Outlook’s safe list – and you can bring the contents of these safe lists into Exchange, so they’re used to flag messages as safe well before they arrive on your clients’ desktops.

Exchange’s safe list aggregation feature treats all the safe lists equally – so if any one user has flagged an address as safe, all users will see messages from that address. Safe list aggregation can be resource intensive if you’re working with lots of mailboxes, so work with it when no one’s likely to be using the mail server (though small Exchange installs shouldn’t see much disruption).

To update the safe list data for all the mailboxes in an organisation use the following PowerShell command:

get-mailbox -ResultSize Unlimited | where {$_.RecipientType -eq [Microsoft.Exchange.Data.Directory.Recipient.RecipientType]::UserMailbox } | update-safelist

Safe list aggregation is a manual process. You can automate it, simply by building a script around the PowerShell command and then scheduling it to run at set times using the at command in Windows Server. To schedule a script to run at 1.00 am every day, use the following command:

at 1:00 /every:M,T,W,Th,F,S,Su cmd /c “C:\script.vbs”




Show other articles by this author

Share |
Write comment
security image
smaller | bigger
Comments (2)
Posted: Jan, 9 2010

All users?

users will not see mail if it is on one safelist. It is a per user feature. I've tested it and it is so, but maybe i missed something?
Simon Bisson
Posted: Jan, 29 2010
This command extracts the safelists from each user, and then uses them to update the safelist used by the Exchange Edge server - so that messages that pa*s through Exchange will be flagged as safe before delivering to users.



Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010



If you're supporting en users who need to transfer files by FTP occasionally, explaining how to use FTP every time can get frustrating. Map an FTP site as a custom network location and they can do it through the familiar Explorer window. If you only have a couple of machines you can choose Tools >Map Network Drive… in Explorer and click the link 'Connect to a Web site that you can use to store your documents and pictures' to open a wizard that creates a network location. Select 'Choose a custom network location', type in the FTP address and fill in the user name and password. You can also create mapped drives and network places on the Environment tab of the user's Active Directory object - but if you have a lot of users to set up, put it in the logon script for the user profile under Active Directory Users and Computers.
If you're running into problems with Group Policy Objects, check this handy summary of the rules at read more


Unified communications


The #1 Bestseller for Only 77p