locked
Allow Specific external domains send to distribution groups, discard all other emails RRS feed

  • Question

  • Exchange 2010 SP1,

    I am looking for a solution for this problem, be it exact details on how to configure a Transport Rule(s) to allow this or any other method that will work. Simply put we would like specific external domains to be able to send to some of our DL's. 

    As an example; 
    Accepted Domain: acexample1.com
    Distribution Lists: tech@acexample1.com , allcompany@acexample1.com , alldevteam@acexample1.com

    We work with many companies where we want to be able to receive email from them to these distribution lists without accepting mail from just anyone.

    External Domain we want to accept mail from: externcompany1.com, externcompany2.com, thesedevguys3.com

    For all other incoming mail to these distribution lists from external should either be dropped(no NDR) or redirected to a overflow/spamcatch mailbox.



    • Edited by KittCarr Wednesday, March 27, 2013 6:12 PM clarified the last sentence.
    Wednesday, March 27, 2013 6:09 PM

All replies

  • Hi

    It is hard to do, Because you can not control Outside distribution list

    One workaround you can try

    First create the External distribution list members as local mail Contacts, then put those contacts into a local distribution list.

    In the Exceptions on Transport Rule

    Choose Except When the message is from a member of distribution list

    Hope it helps

    Cheers

    If you have any feedback on our support, please click here


    Zi Feng
    TechNet Community Support

    Thursday, March 28, 2013 7:48 AM
    Moderator
  • Hi

    It is hard to do, Because you can not control Outside distribution list

    One workaround you can try

    First create the External distribution list members as local mail Contacts, then put those contacts into a local distribution list.

    In the Exceptions on Transport Rule

    Choose Except When the message is from a member of distribution list

    Hope it helps

    Cheers

    If you have any feedback on our support, please click here


    Zi Feng
    TechNet Community Support

    This does not work because what happens when configured is all mail is dropped/redirected regardless if sent to this distribution list or sent directly to the user - ANY Email sent to a member of this distribution list DO THIS ACTION. This caused all mail sent to the users of the specific group to be redirected.
    Tuesday, April 2, 2013 2:48 PM
  • Let me clarify my request.

    I work for a company example.com

    I have two distribution lists  Support@example.com and teamwork@example.com These lists contain members within my organization. These lists should not be available for anyone in the world to send to (in general -RequireSenderAuthenticationEnabled $true ) however we have an exception to add.

    We consistently work with members from Microsoft and Logitech on projects, thus I would like anyone at these companies to be able to send to these distribution lists. I'd like to accept mail from george@microsoft.com, techsupport@microsoft.com, contractrep@logitech.com without opening up the list to the rest of the world.

    It should not matter what distribution lists are outside my org, only that I allow a specific external domain to accept the mail.

    Thanks,

    Kitt

    Tuesday, April 2, 2013 3:04 PM
  • On Tue, 2 Apr 2013 15:04:26 +0000, KittCarr wrote:
     
    >
    >
    >Let me clarify my request.
    >
    >I work for a company example.com
    >
    >I have two distribution lists Support@example.com and teamwork@example.com These lists contain members within my organization. These lists should not be available for anyone in the world to send to (in general -RequireSenderAuthenticationEnabled $true ) however we have an exception to add.
    >
    >We consistently work with members from Microsoft and Logitech on projects, thus I would like anyone at these companies to be able to send to these distribution lists. I'd like to accept mail from george@microsoft.com, techsupport@microsoft.com, contractrep@logitech.com without opening up the list to the rest of the world.
    >
    >It should not matter what distribution lists are outside my org, only that I allow a specific external domain to accept the mail.
     
    You can't do that if they send e-mail to your company using an
    anonymous SMTP connection. They'd have to provide their credentials to
    your SMTP server (and you'd have to give them an account in your AD).
    Until then they're just, well, anonymous.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Wednesday, April 3, 2013 2:02 AM
  • Hi there,

    I'd like to revisit this but taking the tack that anonymous access is allowed (i.e. accept emails from external) but then limit by external domain.

    From what I can see in Exchange (2013) this does not look to be possible by either restricting senders (as these need to be <name>@<domain>) or by a transport rule.

    Someone else may have a better idea as I feel this is probably a common scenario from our customers...

    Thanks for any assistance in advance.

    Best regards,

    Simon

    Wednesday, March 26, 2014 2:07 PM
  • I've cracked this....

    You'll need to create a transport rule and under Exchange 2013 it does have the facility.

    You'll need the rule logic to be like this;

    If the message is sent to: <address>

    Do the following: Reject

    Except if: Senders address domain is... abc.com

    or if received from: <group name> (This allows the group to send to itself).

    Wednesday, March 26, 2014 2:32 PM
  • I just tried to do this and office 365 stated that this type of rule cannot be setup for DLs
    Wednesday, May 4, 2016 6:19 PM
  • HI There as a response to the 365 Statement, Have you tried applying a rule to an alias and a contact. 365 and Exchange will not need credentials for them.

    let clarify the rule proposed will stay the same but Create a contact pointing to the external user and the create a hidden alias pointing to "allusers" DL.

    just a though admittedly I might not be the cleanest way  

     
    Friday, February 24, 2017 9:24 AM