Exchange Server 2003 Service Pack 2 (SP2) delivers two new antispam features: Sender ID and Intelligent Message Filter (IMF). Both features are part of the Coordinated Spam Reduction Initiative announced by Microsoft more than a year ago.
Sender ID adds to Exchange Server 2003's antispam weaponry. Sender ID itself won't defeat spam, but it's certainly a key player that makes spamming harder. Given that the economics of spam favor the bad guys (i.e., low cost, high profit, and anonymity), anything that makes their lives more complicated can only be welcomed. So, let's look at how you can complicate some spammers' lives by implementing Sender ID into your organization. But first you need to know how Sender ID fits into Exchange 2003 SP2's overall defense against spam and how Sender ID works.
The Overall Defense
Exchange 2003 has a framework that supports many features designed to reduce the volume of spam. With SP2, the framework is extended to combat other disruptive email practices, such as spoofing and phishing. The framework is basically a set of filters that you can configure to act on different parts of messages (e.g., IP addresses, senders, recipients, contents) when those messages enter your Exchange system. For example, you can use connection filters to validate a connecting client's IP address against real-time block lists and sender filters to protect against spoofing. You can use recipient filters to protect against directory harvest attacks and to prohibit users from receiving external mail. Content filters can give you an indication of the likelihood that an email is malicious. . . .
