none
Send as is not working when mailbox is hidden from address list

    Question

  • Hi all,

    Does anyone know or have any valid documentation if this is by design?

    I created 3 shared mailboxes and granted 3 users access to each of these.

    2 of these shared mailboxes does not work to send as when they are hidden from address list, but one of them is working.

    Can anyone confirm if this should be working?

    According to MR Cunningham, this should work if add the mailbox as contact : http://exchangeserverpro.com/how-to-send-as-a-hidden-mailbox/

    In my case it does not work for those two mailboxes.

    Thanks!


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Tuesday, September 20, 2016 10:44 AM

Answers

  • Hi Off2work,

    Sorry for delay.

    Based on my search, this is by design in outlook, here is an official article explains this scenario, it applies to Exchange 2013/2016 also:

    Also, before you perform this procedure, be aware that you cannot send e-mail messages on behalf of a mailbox if the mailbox is hidden from address lists. When sending a message, Exchange requires that an e-mail address is resolved in the From field. In the case where a message is sent on behalf of a mailbox that is hidden from address lists, the SMTP address is interpreted as an address that isn't from your organization (known as a foreign address) and is rejected. For information about how to change your mailbox settings, see Configure User and Resource Mailbox Properties.

    In Outlook, users will receive the following errors when attempting to send a message on behalf of a mailbox that is hidden from address lists:

    • Online mode   When users press Send, they will receive the following error: "You do not have permission to send on behalf of the specified user."

    • Cached Exchange Mode   Outlook initially sends the message, but users will receive a non-delivery report (NDR) containing the following message: "You are not allowed to send this message because you are trying to send on behalf of another user without permission to do so. Please verify that you are sending on behalf of the correct sender, or ask your system administrator to help you get the required permission."

    Hope this helps,

    Best Regards,


    Niko Cheng
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Off2work Monday, September 26, 2016 9:09 PM
    Monday, September 26, 2016 6:24 AM
    Moderator

All replies

  • Please describe what you mean by "does not work."

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Wednesday, September 21, 2016 1:04 AM
    Moderator
  • Sorry for leaving that part out (its was stated in the link).

    The error message is :

    Your message did not reach some or all of the intended recipients. This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user.


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Wednesday, September 21, 2016 7:25 AM
  • Hi Off2work,

    I have tested in my lab, in a shared mailbox, when grant "Send As" permission to the user, the user can send the message from the shared mailbox, whatever the shared mailbox has been hidden from address list or not.

    As below:

    1. share1 is a shared mailbox, and hide from address lists:

    2. Grant "Send As" permission to user "Jane li":

    3. Jane login OWA, and send a message from share1 to admin:

    4. Login to admin user's OWA, received the test message:

    If any misunderstanding, please feel free let me know.

    Best Regards,


    Niko Cheng
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, September 21, 2016 9:08 AM
    Moderator
  • Hi Niko and thanks for your effort. May I know your Exchange version?

    I see you are using OWA, have you tried with Outlook client?

    We are in hybrid config and all mailboxes are in Exchange online. Multiple accounts tested with same result. Our On-premise exchange server has latest CU and windows update.

    I Exchange 2016 in my home lab where it also fails with same error. It has been patched with latest CU and windows update.


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Wednesday, September 21, 2016 5:08 PM
  • Mailboxes that are in Office 365 must have Send As and Full Mailbox Access configured in the cloud, not on premises.  I can't tell from your description where you're doing what.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Wednesday, September 21, 2016 10:40 PM
    Moderator
  • Hi Off2work,

    My lab is exchange 2013 cu12 coexist with exchange 2016 cu2, and latest windows update.

    I test in outlook today, i get the same error, however, when i test in OWA again, it works also. It's really strange.

    I will do more research and give you an update as soon as possible.

    Thanks for understanding.

    Best Regards,


    Niko Cheng
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, September 22, 2016 2:27 AM
    Moderator
  • Thanks Niko,

    for me it works in OWA as well and only fails in Outlook. In my homelab I use Exchange 2016 and there it works in OWA as well. Using outlook it fails.

    My Outlook version is 16.0.6925.1038

    If I set outlook in Online mode, I get message:

    You do not have the permission to send the message on behalf of the specified user.

    This message pops up when I click Send.


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work


    • Edited by Off2work Thursday, September 22, 2016 7:50 AM Edit
    Thursday, September 22, 2016 7:46 AM
  • I wonder why you would want to send as someone who is hidden from the address book.  I've never come across anyone trying to do that before, so I strongly suggest that were you to open a support ticket, the answer you'd be given is that it's "by design".  It seems as if you've come across a corner case where Outlook differs from OWA.

    Have you tried both cached mode and online mode in Outlook?


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!


    Friday, September 23, 2016 11:11 PM
    Moderator
  • Hi Off2work,

    Sorry for delay.

    Based on my search, this is by design in outlook, here is an official article explains this scenario, it applies to Exchange 2013/2016 also:

    Also, before you perform this procedure, be aware that you cannot send e-mail messages on behalf of a mailbox if the mailbox is hidden from address lists. When sending a message, Exchange requires that an e-mail address is resolved in the From field. In the case where a message is sent on behalf of a mailbox that is hidden from address lists, the SMTP address is interpreted as an address that isn't from your organization (known as a foreign address) and is rejected. For information about how to change your mailbox settings, see Configure User and Resource Mailbox Properties.

    In Outlook, users will receive the following errors when attempting to send a message on behalf of a mailbox that is hidden from address lists:

    • Online mode   When users press Send, they will receive the following error: "You do not have permission to send on behalf of the specified user."

    • Cached Exchange Mode   Outlook initially sends the message, but users will receive a non-delivery report (NDR) containing the following message: "You are not allowed to send this message because you are trying to send on behalf of another user without permission to do so. Please verify that you are sending on behalf of the correct sender, or ask your system administrator to help you get the required permission."

    Hope this helps,

    Best Regards,


    Niko Cheng
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Off2work Monday, September 26, 2016 9:09 PM
    Monday, September 26, 2016 6:24 AM
    Moderator
  • Thanks Niko for your research.

    It is a strange "by design" since it works from OWA.

    I did another test from OWA, where I removed autofill of the address and re-add it manually, then it fails with same error as in Outlook.

    If the address is picked from autofill, it works in OWA but not in Outlook.

    Either way, thanks for your effort :)

     


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Monday, September 26, 2016 9:08 PM
  • It is not possible to add send as or full access in On-premise environment when you are in hybrid configuration. It is only possible in EXO.

    Ed, you really need vacation. Your latest contribution to TechNet has been grumpy and you give MVPs a bad reputation. I have seen many of your posts with same attitude and it is really not good at all.


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Monday, September 26, 2016 9:09 PM