Monday, November 9, 2009

Updated! Appending Whitelisted Domains to Exchange 2007's BypassedSenderDomain variable

My Problem:
I added a few domains to Exchange 2007's domain white list via the Exchange Management Shell using the cmdlet, Set-ContentFilterConfig -bypassedSenderDomains domain1.tld,domain2.tld. However, running the same command with domain3 as a variable will overwrite domain1.tld and domain2.tld. I needed to add domain3.tld to the existing whitelisted domains.

The Solution:
Nov 11, 2009 Update: Thanks to a tip in the comments section from one of my readers ( ::waves at Sharon:: ), I now use Glen Scales's PowerShell script that creates a simple GUI interface which allows you to update both the bypassedSenders and the bypassedSenderDomains list.







Before that GUI script, I would dump the existing contents of the bypassedSenderDomains variable to a new variable, add information to the new variable and then run Set-ContentFilterConfig using the newly modified variable:
$varWhitelist = (get-contentFilterConfig).bypassedSenderDomains
$varWhitelist.add("domain3.tld")
Set-ContentFilterConfig -bypassedSenderDomains $varWhitelist
There! It's so simple... or, not?



Etcetera:
As an addendum to this post, I have a complaint to lodge. Firstly, I don't mind a CLI/shell. I like PowerShell. I feel ashamed that I'm such a GUIfied Windows admin and sincerely want to get proficient with the command line, preferably PowerShell. However, the fact that certain functions in Exchange can only be done via the Management Shell and not the Console confutes me. Especially since the Console was touted as being built 100% on PowerShell.

Would someone in Microsoft's development department have their head melt like that guy at the end of Raiders of the Lost Ark if they added a simple GUI interface for the whitelisted domains feature? This seems like such a oft-used feature that it makes no sense to me to hide it in the shell. That's like taking something as commonplace to use as configuring your desktop picture and hiding it in a command line interface while leaving other similar options such as resolution and desktop icons in the GUI interface.

Furthermore, adding new domains shouldn't take three lines of script to do. I'm sure I could cram it on one line, but it's still three separate expressions. What's up with that? Maybe I'm just a whiny Windows admin.

2 comments:

  1. Take a look at:

    http://gsexdev.blogspot.com/2009/02/content-filtering-system-whitelist-gui.html

    HTH

    Sharon.

    ReplyDelete
  2. Very neat tool, Sharon! Thanks for the tip! I just downloaded it and used it on my SBS 2008 machine.

    ReplyDelete