Hello and welcome to our Knowledge Base. Our experts provide answers to the most frequently asked questions of our customers. Start your information search here to find your answer quickly and easily.
Please enter your query or select one of the above categories.

Knowledge Base Exchange Server Toolbox


To use the search function, you need JavaScript enabled.

All entries (Page 2 / 3)
Is there anyway I can get the documentation for your products to assess their capabilities without installing them?
After installing the newest version, the SpamAssassin service stops shortly after starting.
What can I do?

To solve this problem, you must first stop the SpamAssassin service, possibly by deactivating the service in the Windows Service Control.
Then you have to move or rename the following files:

C:\ProgramData\JAM Software\spamdService\Service.config
C:\ProgramData\JAM Software\spamdService\SpamD.config

These are the old configuration files that cause a problem when converting to a new format.

In addition, the "SpamAssassinServiceController.config" file should be deleted as this was probably created with incorrect values.
This file will then be created again by SpamAssassin the next time it is started.

If you now restart the SpamAssassin service, it should work again without any problems.

Is the administration interface of the EST only used on the Exchange or can it be installed on any client in the network?

No, unfortunately this is not possible at present. The EST administration interface is only available on the Exchange Server.

Unfortunately I cannot get the AVG virus scanner to detect the test virus. Do you have experience which settings I still need to change? Otherwise I like the program very much, but I would not like to change the virus scanner.

General settings for each virus scanner that you want to use with "Exchange Server Toolbox" or "SmartPOP2Exchange" are - If a virus is found (files and archives), no user interaction (asking) may be required. Select "Delete file" or "Rename/Move file". - Disable any scanning of POP3/IMAP and SMTP protocols. This option is usually described as "Scan inbound/outbound email".

You can also use the integrated ClamAV virus scanner in addition to your own.

A certain, or some e-mails are sorted out as spam. Why is this?

The results of the integrated SpamAssassin are written in the header of the mail, just like any other SpamAssassin. If you right-click on the mail in your Outlook and select "Message Options", a dialog appears in which you can view the Internet headers of the mail.
There you will find the spam report, which gives information about which rules have been applied to this mail:
X-Spam-Checker version: SpamAssassin 3.1.7 (2006-10-05)
     * on server1.intranet.jam-software.com
     * at Wed, 09 Apr 2008 15:56:40 +0200
X-Spam status: No, hits=1.0, required= 3.6, autolearn=no
X-Spam Report: * 0.5 HTML_40_50 BODY: Message is 40% to 50% HTML
     * 0.0 HTML_MESSAGE BODY: HTML included in message
     * 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
     * [score: 0.5077]
     * 0.2 HTML_TITLE_EMPTY BODY: HTML title contains no text
     * -2.0 SP2E_BodyWordWLRule BODY: SP2E_BodyWordWLRule
     * 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address
     * [ listed in dnsbl.sorbs.net]
     * 0.0 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
     * [ listed on zen.spamhaus.org]
     * 0.3 URIBL_GREY Contains to URL listed in the URIBL greylist
     * [URIs: googlepages.com]

Are the rules of the Exchange Server Toolbox evaluated before the Exchange Server bounces an email because the recipient does not exist?

Yes, the Exchange Server Toolbox becomes active immediately after SMTP reception.

Does the used SpamAssassin version check SPF-records of the sending mail servers?
Can own SpamAssasin directives be inserted, e.g.: score SPF_FAIL 58.5score SPF_HELO_FAIL 58.5?
Where would a corresponding file be stored?

Yes, the SpamAssassin used checks SPF records. The default settings for SPF can be found in 25_SPF.cf or the corresponding scores in 50_scores.cf. If you are using "Exchange Server Toolbox" the best way to set your own scores is to use the built-in editor for creating custom SpamAssassin config files which you can find under Spam Options.

For more information about the options, see:

Alternatively, you can manually create your own .cf file in which you define your "rules", this should only come last alphabetically, since SpamAssassin will evaluate the cf files in numerical-alphabetical order. (For example XMySettings.cf).

Translated with www.DeepL.com/Translator (free version)

How can I adjust the threshold/score at which mails are being tagged as spam?

If you use SpamAssassin in conjunction with "Exchange Server Toolbox" or "SmartPOP2Exchange", the Configured Score in "Exchange Server Toolbox" or "SmartPOP2Exchange" Rule-Condition usually determines how a scanned email should be handled.

If you use "SpamAssassin in a Box" alone, proceed as follows:
The threshold can be configured in the configuration "C:\ProgramData\JAM Software\spamdService\sa-config". Please open the text file with an appropriate text editor and search for the following line:
# required_score 5.0
Remove the comment sign (#) in front of the line and adjust the score to the desired value. Please note that any changes in the configuration files in the configuration directory will require a restart of the SpamAssassin daemon in order to take effect.

Why does the "URIBL_BLOCKED ADMINISTRATOR NOTICE" SpamAssassin rule hit on any of my messages, what is it for and how can I avoid this?

URIBL (http://www.uribl.com) is a DNS-based Blackhole List which tracks IP addresses which are commonly used for sending spam mails. URIBL is enabled by default for SpamAssassin installations but allows only a certain amount of requests from the same IP every day. If this amount is exceeded, any further requests will be blocked by the URIBL servers with the info notification above.

This typically happens for SpamAssassin installations that use public DNS resolvers such as Google. As any request that is forwarded via the Google servers has the same IP when it reaches the Blackhole list, all requests will share the same limit. For usage of an alternative DNS, please follow these instructions.

For the following domains it is currently useful to set up forwarding to ensure the full functionality of SpamAssassin:
- zen.spamhouse.org
- sbl.spamhouse.org
- list.dnswl.org
- multi.uribl.com

Now determine the name server for each of the mentioned domains.
Open a command prompt and issue the following command (e.g. for "lists.dnswl.org"):

nslookup -querytype=ns list.dnswl.org.

Example output:
list.dnswl.org nameserver = b.ns.dnswl.org
list.dnswl.org name server = c.ns.dnswl.org
b.ns.dnswl.org internet address =
c.ns.dnswl.org internet address =
c.ns.dnswl.org AAAA IPv6 address = 2600:3c01::21:1000

  • Now create a "conditional forwarding" on your domain controller for each IP address.
  • Open the DNS management console on the server
     <Server Name> ' "Conditional Forwarding" ' Right click, "New Conditional Forwarding"
  • Enter the domain (in the example: "lists.dnswl.org") and then enter the IP addresses previously queried.

How can I make use of SpamAssassin plugins, that are not part of the Windows distribution?

Please see the manual, section "Components and Plugins".

Spamassassin.exe / spamd.exe fails with the following message:
config: no rules were found!  Do you need to run 'sa-update'?

Most likely SpamAssassin is not able to find a valid rule set. Please run sa-update.bat to download the latest rules.

Sa-update fails with the following message, what can I do?
config: no configuration text or files found! do you need to run 'sa-update'?
check: no loaded plugin implements 'check_main': cannot scan!
Check the necessary '.pre' files are in the config directory.

The path to rules and/or config dir is invalid. Make sure you run the executable (spamd.exe, spamassassin.exe, ...) from their main directory instead of specifying an absolute path to run.