Enabling AntiSpam agents on Exchange 2016 Mailbox server, including Connection Filtering Agent

If you have no Edge server and want to use Exchange anti spam features, you probably already know how to install antispam agents on mailbox server:

& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1

However this does not enable connection filtering agent, which is by far the most useful of all the agents since it allows to use online blacklists. To enable this service in exchange shell run (one line):

Install-TransportAgent -Name "Connection Filtering Agent" -TransportService FrontEnd -TransportAgentFactory "Microsoft.Exchange.Transport.Agent.ConnectionFiltering.ConnectionFilteringAgentFactory" -AssemblyPath "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\agents\Hygiene\Microsoft.Exchange.Transport.Agent.Hygiene.dll"

You will also need to configure it with your favorite RBLs, for example:

Add-IPBlockListProvider -Name zen.spamhaus.org -LookupDomain zen.spamhaus.org -AnyMatch $true -Enabled $true
Add-IPBlockListProvider -name bl.spamcop.net -LookupDomain bl.spamcop.net -AnyMatch $true -Enabled $true
Add-IPBlockListProvider -name b.barracudacentral.org -LookupDomain b.barracudacentral.com -AnyMatch $true -Enabled $true
Enable-TransportAgent -TransportService FrontEnd -Identity "Connection Filtering Agent"
Restart-Service MSExchangeTransport