Problem solve Get help with specific problems with your technologies, process and projects.

Freeware blacklist extension for Exchange

Open Relay Filter, by Martijn Jongen, is a freeware blacklist extension application that extends the functionality of Exchange 2003's built-in blacklist support.

Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Exchange or Outlook tip, timesaver or workaround to share? Submit it to our tip contest and you could win a prize.

While Exchange 2003 does have built-in support for realtime blacklists (RBLs), third-party applications are available that can extend that functionality to make it more versatile and useful.

One that has been around for a while is Martijn Jongen's Open Relay Filter, now in its 5.0.2 revision. ORFilter (as it's abbreviated by the author) is free, but donations to the author are encouraged. It works on Exchange Server 2000 or 2003 and Windows 2000 Server or higher.

Open Relay Filter supports several types of blacklists -- conventional DNS blacklists, such as and, and a relatively new variety of blacklist known as SURBL – spam URI realtime blocklists (

SURBL blacklists maintain lists of URLs mentioned in spam e-mails -- any e-mail that contains a link to a blacklisted URL is strongly considered to be spam unless it's whitelisted in some fashion.

ORFilter also supports filtering by custom word lists. And, internal IP/SMTP blacklists/whitelists -- mail from specific SMTP servers, not just machines or e-mail addresses -- can be flagged as good.

When ORFilter flags a message, it adds a custom X-ORFilter header to the message to describe why it was bounced (keywords, blocked address, etc.). Each specific spam "symptom" is assigned a score value, and messages that exceed a given score threshold are marked as spam. The flagged e-mail can be deleted on the spot, rejected while still in SMTP processing, or admitted with a changed subject line or spam-relevant message headers.

Finally, all of Open Relay Filter's activity can be logged; if a message is rejected, the log will describe it in detail. A user doesn't have to track down the message itself and read the headers to find out why it bounced.

About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter and a regular contributor to

Do you have comments on this tip? Let us know.
Related information from

  • On-Demand Webcast: Inside the secret world of spammers (Speaker: Spammer-X, author of Inside the Spam Cartel)
  • Malware Learning Guide: Spam, spyware and viruses
  • Geek Speak Quiz: Inside the spammer's lair
  • Chapter Download: Would the real sender please stand up?
  • Topics Library: Spam prevention and management tips and expert advice

  • Dig Deeper on Exchange Server setup and troubleshooting

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.