How to block spoofed emails on Exchanhge 2013

Needed to stop some of the ransomware that is spreading in the net.

Create your SPF records, listing the IP addresses. Try to avoid using “mx” in the SPF record, since it can cause issues with the SPF checking for your own domain. Use “-” for hardfail IN TXT “v=spf1 ip4:IP/mask -all”

Install the AntiSPAM agents


Set the action for Spoofed Domain as Reject

  Set-SenderIDConfig -SpoofedDomainAction  Reject

Example of a spoofing attempt blocked by the Agent

mail from:
250 2.1.0 Sender OK
rcpt to:
250 2.1.5 Recipient OK
354 Start mail input; end with <CRLF>.<CRLF>
Subject: Spoofing test
550 5.7.1 Sender ID (PRA) Not Permitted



Exchange 2013 Lab – Usable Setup

Create users

1..100 | ForEach { Net User "User$_" MyPassword=01 /ADD /Domain; Enable-Mailbox "User$_" }

Create Rooms

1..10 | ForEach { Net User "Room$_" MyPassword=01 /ADD /Domain /Active:NO; nable-Mailbox "Room$_" -Room }

Create Distribution Groups

1..9 | ForEach { New-DistributionGroup "DL$_" ; Net Group "DL$_" "User$_ " /ADD /Domain }

Create send connector

New-SendConnector -Name Internet -Usage Internet -DNSRoutingEnabled $true -AddressSpaces * -Is ScopedConnector $false -SourceTransportServers ExchServer1

Exchange 2013 first impressions

First impressions of Exchange 2013

Exchange 2013 express lab

1. Install 1 Windows Server 2012 with AD-DS role

2. Install 1 Windows Server 2012 for Exchange

3. Add Windows Feature “Server-Media-Foundation”

3.1. Run Add-WindowsFeature Server-Media-Foundation -Restart

4. Install Unified Communications Managed API 4.0 Runtime

4.1. Download from

4.2. Run UcmaRuntimeSetup.exe /q

5. Install Microsoft Office 2010 Filter Packs

5.1 Download from

5.2. Run FilterPack64bit.exe /quiet

6. Install Exchange 2013

6.1. Run Setup.EXE /mode:install /Roles:M,C /IAcceptExchangeServerLicenseTerm /OrganizationName MyExpressLab

Y, fue!