The change in Exchange 2013 architecture with just two roles has had an effect on the connection filtering anti-spam agent.
John asked via email – “How can I implement connection filtering in Exchange 2013 now that FPE 2010 is discontinued? I was able to install the anti-spam agents on a 2010 hub server & the connection filtering was taken care of”.
In Exchange 2013, the anti-spam agents can only be installed on the Mailbox role. But, the connection filtering which is very useful in fighting spam emails is not available in 2013. Same goes for the attachment filter. Even though CAS proxies emails back and forth (if setup correctly), it is a stateless proxy and can’t have any anti-spam agents on it.
As there is no Edge role in 2013 yet, the workaround is to use a 2007 or 2010 Edge role with the Exchange 2013 infrastructure. Both versions of Edge server can perform connection filtering. One point to note is that the edge subscription is setup from the Mailbox role in 2013 compared to the hub in 2010.
Another option to have connection filtering will be to use a cloud based anti-spam offering like FOPE or Exchange Online Protection (EOP) as it is called these days.
Any other options?