How to configure users for internal mail routing only
-
Friday, December 19, 2008 12:13 PM
Hi Guys!
I have a scenario here where I have three (3) groups of users. One group is able to have inbound and outbound mail, meaning they can send and receive emails from internal and external. The second group of users should have inbound mail (local mail) only (cannot send and receive mails from the Internet), and the third (3) user group can receive an outbound mail but they are not allowed to send mail directly to the client (Ex. distributionlist1@mydomain.com, member1@mydomain.com, member2@mydomain.com); instead they will use distributionlist1@mydomain.com as the reply to the client. Please let me know how to configure user groups 2 and 3.
Thank you.
regards,
LRMCP
Answers
-
Friday, December 19, 2008 1:52 PM
Hello,
You should be able to use Transport Rules to do that. Make sure those groups are Distribution Groups (they can eventually be hidden from Address Lists).
To forbid sending E-mails outside of Exchange, create a rule:
- if sender is member of group2
- and message is sent outside the organization
- then drop the message
- and send NDR with status code (choose code and message)
To forbid receiving E-mails from the Internet:
- either use the same principle (if user is member of group2 and sender is outside the organization, drop with a custom message)
- or in the delivery options for those users, only allow messages from authenticated users
- you can make exceptions, for instance if you have custom applications sending messages directly to Exchange
For group3, then
- create a rule that forbids sending to member of a distribution list when sender is member of group3
- and send NDR etc
Hope this helps,
Benoit.
Benoit Boudeville - Avanade France & Belux http://unifiees.blogspot.com
- Proposed As Answer by Amit Tank (Moderator), Friday, December 19, 2008 3:23 PM
- Marked As Answer by James-Luo (Microsoft Contingent Staff, Moderator), Monday, December 22, 2008 2:58 AM
-
Friday, December 19, 2008 3:20 PM (Moderator)
Hi LRMCP,
The procedure given by Benoit is perfect; I am just elaborating the steps.
Prevent from Sending Mails:
Create a transport rule on Hub Transport Server:
Organization Configuration -> Hub Transport -> Transport Rules -> New Transport Rule -> Give Name “Group2 - No Internet Mail”
Conditions: select "From a member of a distribution list" & select group "Group2".
Select another condition "Sent to users inside or outside the organization" & select Outside.
Actions: select "send bounce message to sender with enhanced status code" & write your custom message like “You are not authorized to send mails to internet”
Prevent from Receiving Mails:
New User: You can select “require that senders are authenticated” while creating new users which will stop receiving mails from internet.
User -> properties -> Mail Flow Settings -> Message Delivery Restrictions -> Properties -> set Sender Authentication.
For Existing Users:
You already have a group named "Group2", so set sender authentication for all members with this single command.
Get-DistributionGroupMember "Group2" | Set-Mailbox -RequireSenderAuthenticationEnabled $true
Same procedure mentioned for group2 can be followed for Group3 to prevent from sending mails.
Amit Tank || MVP - Exchange || MCITP - Exchange 2007 || http://ExchangeShare.WordPress.com
- Marked As Answer by LRMCP, Friday, July 24, 2009 8:30 AM
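The steps from both answers as one Exchange Management Shell script, added here as an example and not part of either reply. It assumes Exchange 2010 or later, where New-TransportRule takes these conditions as parameters (Exchange 2007 builds the same rule from Get-TransportRulePredicate and Get-TransportRuleAction objects); the 5.7.1 status code is a choice made for this example.

```powershell
# Added example, not from the thread. Run in the Exchange Management Shell.
# Assumption: Exchange 2010+ parameter syntax for New-TransportRule.
$group    = 'Group2'                      # group name used in the thread
$ruleName = "$group - No Internet Mail"   # rule name used in the thread

# 1. Outbound: reject mail from group members to recipients outside the
#    organization and return an NDR. 5.7.1 is chosen for this example.
if (-not (Get-TransportRule -Identity $ruleName -ErrorAction SilentlyContinue)) {
    New-TransportRule -Name $ruleName `
        -FromMemberOf $group `
        -SentToScope NotInOrganization `
        -RejectMessageReasonText 'You are not authorized to send mail to the Internet' `
        -RejectMessageEnhancedStatusCode '5.7.1'
}

# 2. Inbound: require authenticated senders on each member mailbox.
#    Get-DistributionGroupMember does not expand nested groups, and contacts
#    or nested groups cannot be passed to Set-Mailbox, so keep mailboxes only.
$members = Get-DistributionGroupMember -Identity $group -ResultSize Unlimited |
    Where-Object { $_.RecipientType -eq 'UserMailbox' }

foreach ($m in $members) {
    Set-Mailbox -Identity $m.Identity -RequireSenderAuthenticationEnabled $true
}

# 3. Verify: list any member mailbox that still accepts anonymous senders.
#    Rerun steps 2 and 3 whenever group membership changes, because the
#    mailbox setting is per user and is not inherited from the group.
$stillOpen = $members |
    ForEach-Object { Get-Mailbox -Identity $_.Identity } |
    Where-Object { -not $_.RequireSenderAuthenticationEnabled }

if ($stillOpen) {
    Write-Warning "Mailboxes in $group still accepting unauthenticated senders:"
    $stillOpen | Select-Object Name, PrimarySmtpAddress
} else {
    Write-Output "All $(@($members).Count) mailboxes in $group require sender authentication."
}
```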

