How do you know these RBL’s are working? Where do you get information about what they are doing? Which RBL provider is blocking the most?
Well by default the RBL logs are located under:
C:\Program Files\Microsoft\Exchange Server\TransportRoles\Logs\AgentLog
If I crack one of these log files open it will look similar to this:
When an incoming sender’s IP is found in an RBL, the SMTP connection from the sender is dropped and the contents of the spam email will never reach your organisation. Because of this, spam detected by an RBL will never appear in your quarentine mailbox. RBL checks are done before the Exchange Content filter. Most exchange administrators that run RBL's will notice little spam appearing in the spam mailbox because RBL's will filter most the spam out. Additionally mail blocked by an RBL will not appear in the Message Tracking Log which is viewable by typing Get-MessageTrackingLog.
It is possible to get summary information from all the RBL log files by using a powershell script called get-antispamtoprblproviders.ps1 located by default in C:\Program Files\Microsoft\Exchange Server\Scripts