Sunday, February 22, 2009

Content Filtering System Whitelist GUI for Exchange 2007

If you’re using the built-in Content Filtering in Exchange 2007 on a Hub or Edge server you may want to take advantage of System white lists. But if you have used the Set-ContentFilterSetting cmdlet you may have noticed this isn't the most user friendly cmdlet. If you’re maintaining these lists on a regular basis you may really start to dislike the lack of a GUI well I certainly do so I built a pretty simple GUI to make managing the BypassedSenders and BypassedSenderDomains a more enjoyable experience.

It’s pretty simple code first it uses Get-ContentFilterSetting to get the current setting of both of these properties and then displays then in a DatagridView. You can then add more entries or change existing entries by editing the flexGrid then when you hit the update button it will run back through the datagrid values and then creates a collection which is then used to update the ByPassedSenders or ByPassedSenderDomains properties.

I've put a download of the script here the script look like

[System.Reflection.Assembly]::LoadWithPartialName("System.Drawing")
[System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms")

function UpdateBypassSenders(){
$newcombCollection = @()
foreach($Item in $dgDataGrid.Rows){
if ($item.Cells[0].Value -ne $null){
if ($item.Cells[0].Value -ne ""){
$newcombCollection += $item.Cells[0].Value
}
}
}
Set-ContentFilterConfig -BypassedSenders $newcombCollection
$fsTable.Clear()
$contentFilterConfig = get-ContentFilterConfig
foreach ($ent in $contentFilterConfig.BypassedSenders){
$fsTable.Rows.add($ent.ToString())
}
$dgDataGrid.DataSource = $fsTable
}

function UpdateBypassSenderDomains(){
$newcombCollection = @()
foreach($Item in $dgDataGrid1.Rows){
if ($item.Cells[0].Value -ne $null){
if ($item.Cells[0].Value -ne ""){
$newcombCollection += $item.Cells[0].Value
}
}
}
Set-ContentFilterConfig -BypassedSenderDomains $newcombCollection
$fsTable1.Clear()
$contentFilterConfig = get-ContentFilterConfig
foreach ($ent in $contentFilterConfig.BypassedSenderDomains){
$fsTable1.Rows.add($ent.ToString())
}
$dgDataGrid1.DataSource = $fsTable1
}

$form = new-object System.Windows.Forms.form

$contentFilterConfig = get-ContentFilterConfig
$Dataset = New-Object System.Data.DataSet
$fsTable = New-Object System.Data.DataTable
$fsTable.TableName = "BypasssedSender"
$fsTable.Columns.Add("WhitelistEntry")
$BypassSenderArray = $contentFilterConfig.BypassedSenders.ToString().Split(',')

foreach ($ent in $contentFilterConfig.BypassedSenders){
$fsTable.Rows.add($ent.ToString())
}

$fsTable1 = New-Object System.Data.DataTable
$fsTable1.TableName = "BypassedSenderDomains"
$fsTable1.Columns.Add("WhitelistEntry")

foreach ($ent in $contentFilterConfig.BypassedSenderDomains){
$fsTable1.Rows.add($ent.ToString())
}

$dgDataGrid = new-object System.windows.forms.DataGridView
$dgDataGrid.Location = new-object System.Drawing.Size(20,50)
$dgDataGrid.size = new-object System.Drawing.Size(250,450)
$dgDataGrid.AutoSizeRowsMode = "AllHeaders"
$form.Controls.Add($dgDataGrid)
$dgDataGrid.DataSource = $fsTable

$dgDataGrid1 = new-object System.windows.forms.DataGridView
$dgDataGrid1.Location = new-object System.Drawing.Size(320,50)
$dgDataGrid1.size = new-object System.Drawing.Size(250,450)
$dgDataGrid1.AutoSizeRowsMode = "AllHeaders"
$form.Controls.Add($dgDataGrid1)
$dgDataGrid1.DataSource = $fsTable1




# Add Update Button

$exButton = new-object System.Windows.Forms.Button
$exButton.Location = new-object System.Drawing.Size(20,530)
$exButton.Size = new-object System.Drawing.Size(150,20)
$exButton.Text = "Update - Senders"
$exButton.Add_Click({UpdateBypassSenders})
$form.Controls.Add($exButton)

# Add Update Button

$exButton1 = new-object System.Windows.Forms.Button
$exButton1.Location = new-object System.Drawing.Size(320,530)
$exButton1.Size = new-object System.Drawing.Size(150,20)
$exButton1.Text = "Update - Domains"
$exButton1.Add_Click({UpdateBypassSenderDomains})
$form.Controls.Add($exButton1)

$Gbox = new-object System.Windows.Forms.GroupBox
$Gbox.Location = new-object System.Drawing.Size(10,15)
$Gbox.Size = new-object System.Drawing.Size(270,550)
$Gbox.Text = "By-Passed Senders"
$form.Controls.Add($Gbox)

$Gbox1 = new-object System.Windows.Forms.GroupBox
$Gbox1.Location = new-object System.Drawing.Size(310,15)
$Gbox1.Size = new-object System.Drawing.Size(270,550)
$Gbox1.Text = "By-Passed Sender Domains"
$form.Controls.Add($Gbox1)

$form.Text = "Exchange 2007 WhiteList Form"
$form.size = new-object System.Drawing.Size(600,600)
$form.autoscroll = $true
$form.Add_Shown({$form.Activate()})
$form.ShowDialog()

44 comments:

Anonymous said...

Hi,

This sound really good but forgive my ignorance. How do you run the Script. Do I need to change the file extension?

fogive me as I am new to exchange 2007

Saltrock

Glen said...

You need to run this from within the Exchange Management shell and just run the script using something like .\whitelistgui.ps1

Cheers
Glen

Anonymous said...

This is truly excellent. Just what I needed. Thanks for your generosity!

-John S

Philip Fuesser said...

Great script. thanks for your efforts.

Anonymous said...

Thanks heaps - worked a treat!

Anonymous said...

What an awesome script..many thanks for sharing!! E2K7 script of the year 2009!

Anonymous said...

Thank YOU for this script!!

(rant mode: please wear fireproof vest)
How come MS could not even think that we need to continually add to whitelist??? sheesh....

Anonymous said...

Love it! Thanks

Anonymous said...

Thanks amazing!

One question:
I try to update manually and easily this list.

EX:

*Adding a mail address
C:\Script>Set-ContentFilterConfig -Bypassedsenders badspam@bad.org

*Results
C:\Script>Get-ContentFilterConfig | select BypassedSenders

BypassedSenders
---------------
{badspam@bad.org}

*Now through a list (whitelist.txt)
stupid@dumb.org
smart@dumb.org

C:\Script>Set-ContentFilterConfig -Bypassedsenders (get-content whitelist.txt)

*Results
BypassedSenders
---------------
{smart@dumb.org, stupid@dumb.org}

*We can see that this erased badspam@bad.org...

How can i do it to update progressivly ? such as a ">>" thing.

Any Idea?
Thanks
Fabien

T said...

Damnit Glen, You Rock!!!

// T

Anonymous said...

Huzzah! made my day. Thankyou!

Anonymous said...

Hello

Can't install script, message = not signed script forbiden to install, how can i solve it? thanks in advance

Glen said...

Have a look at http://technet.microsoft.com/en-us/library/dd347649.aspx you need to either sign the script or change you default execution policy

cheers
Glen

Anonymous said...

Wow, just found this and it's totally rad. Thank you kindly! Really makes the process more simple.

Defman said...

I love you.

Ian Harper - MD Harper Office said...

You are a leg end..... Ooops sorry I meant LEGEND! What a wizzard bit of code. Thank you very much indeed.

Froppy said...

Holy good lord this is amazingly simple and a complete wonder why someone at MS wouldn't think something like this would be useful to include... ridiculous.

It took me 2 months to realize that when I was adding domains/email addresses to the whitelist that it was REPLACING the previous one.. really? I mean, it didn't even cross my mind that something like that would be in place. Simply ridiculous.

Thank god for Glen!

Anonymous said...

Work great. Only problem is when I typed a comma instead of a period within a domain name and lost everything since the last update.
Is there any way to increase the 800 limit entries?

ray

Arnold said...

very nice. work great. thank you. i'm re-posting them on my blog so i wont forget it.
thanks again.

Ryan said...

YOU ARE THEEE MAN!!

Anonymous said...

A MAZING
Marvell Arse

Well done and thank you.

doalwa said...

Works like a charm, thank you very much indeed!!!

doalwa said...

Thanks a million, this script works wonderfully...will definately deploy it on all of our customers Exchange servers!

It also works just fine with Exchange 2010!

Anonymous said...

Bad ass. Simply bad ass. Every bit as useful as the cAgentTracker.ps1

Anonymous said...

Using it with Exchange 2010, and I truly and completely thank you from the bottom of my heart. :)

Ken said...

Heroic!

Jon Redwood said...

MINT!

Thanks Glen

Xin said...

script is great but not sure why, added bypass domain still got marked as ***SPAM***. Do I need to restart the exchange for any changes?
Ta.

Glen said...

Exchange doesn't do subject marking so it sounds like you have another host in you network that is doing Spam filtering ?

Cheers
Glen

Xin said...

You are the man, Glen. My Fortgate firewall is the one adding ***SPAM. Thanks for the tips!

Jeff said...

I just found this... THANK YOU!

Anonymous said...

fantastic script

Monte Matson said...

I don't know how to code, but I have used this script now for about a year.

Is there any way to have the forms when they come up to put all the addresses in alphabetical order?

That would be a huge help...

Anonymous said...

Best script ever.

Anonymous said...

I just wanted to say how useful this script is and how much I appreciate that you posted it and made it available. I do not understand why microsoft does not include this with exchange out of the box. Thank you very much Glen.

vps said...

Amazing, thank you

Ceez said...

Excellent script! Thank you!

If you get a message about the unsigned certificate just right-click on the script, go to properties, and click "Unblock".

Matt said...

Really fantastic work!!!! I just used this to replace my ever growing notepad doc of whitelisted domains. Thank you!!!

Anonymous said...

Great script thank!

Anonymous said...

Yes works with Exchange 2010 - great job!

Anonymous said...

Awesome script - you ARE THE MAN !
How can Microsoft not include something like this ?

Anonymous said...

You are DA MAN!!! its people like you who make the world a better place...I just tested it on Exchange 2013 and it works flawlessly.
I made it look pretty and changed it to "Exchange 2013 Whitelist Form"
Something done correctly the first time...

Anonymous said...

YOU ARE GREAT!!!
Thanks!!!

Anonymous said...

I can't seem to get this whitelist to work when i'm using DNS blacklists. Is there a way to make the whitelist take priority over it?