Exchange 2007 safe list aggregation

You can give Exchange 2007 a little spam-fighting help by enlisting all the copies of Outlook on your client’s network.

Each time a user rescues a message from the Junk Mail folder, they add it to Outlook’s safe list – and you can bring the contents of these safe lists into Exchange, so they’re used to flag messages as safe well before they arrive on your clients’ desktops.

Exchange’s safe list aggregation feature treats all the safe lists equally – so if any one user has flagged an address as safe, all users will see messages from that address. Safe list aggregation can be resource intensive if you’re working with lots of mailboxes, so work with it when no one’s likely to be using the mail server (though small Exchange installs shouldn’t see much disruption).

To update the safe list data for all the mailboxes in an organisation use the following PowerShell command:

get-mailbox -ResultSize Unlimited | where {$_.RecipientType -eq [Microsoft.Exchange.Data.Directory.Recipient.RecipientType]::UserMailbox } | update-safelist

Safe list aggregation is a manual process. You can automate it, simply by building a script around the PowerShell command and then scheduling it to run at set times using the at command in Windows Server. To schedule a script to run at 1.00 am every day, use the following command:

at 1:00 /every:M,T,W,Th,F,S,Su cmd /c “C:\script.vbs”




Show other articles by this author

Share |
Write comment
security image
smaller | bigger
Comments (2)
Posted: Jan, 9 2010

All users?

users will not see mail if it is on one safelist. It is a per user feature. I've tested it and it is so, but maybe i missed something?
Simon Bisson
Posted: Jan, 29 2010
This command extracts the safelists from each user, and then uses them to update the safelist used by the Exchange Edge server - so that messages that pa*s through Exchange will be flagged as safe before delivering to users.



Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010



If Autoruns, Processor Explorer, FileMon, RegMon and the other SysInternals tools aren't already in your arsenal, then you need to take a look at the instructions for these invaluable free utilities on the Sysinternals site. If you already know, love and tote them around on a USB stick, memorise instead; this hosts the full set of tools as EXEs files, complete with help files, so you can run them from any machine you need to work on without needing to install them or even unpack a ZIP file. read more


Unified communications


The #1 Bestseller for Only 77p