Solved

Restricting users from sending internal email

Posted on 2006-06-30
13
330 Views
Last Modified: 2010-03-06
Hi

We have a number of sites in a large AD.

I would like users in one specific site to only be allowed to send email to that particular site.

I realise that I can set every other user in the AD to not accept mail from users in this site on a per user basis, but I would like to apply this to just the users in the problem site otherwise management becomes a major pain.

Basically, site A has its own domain name, sitea.com. Site A is not allowed to send email to siteb (siteb.com) or sitec (sitec.com) etc etc.

Any help greatly appreciated, if you need further info ask away

Richard
0
Comment
Question by:rjropes
  • 5
  • 3
  • 2
  • +1
13 Comments
 
LVL 26

Expert Comment

by:Vahik
Comment Utility
Use ADModify tool to apply mass change to active directory users...
do a google serach and download....no traning is needed to run the tool...very easy..
0
 
LVL 4

Author Comment

by:rjropes
Comment Utility
I want to avoid doing mass changes to every user in AD as any new users will be missed from the changes so am looking for a different solution

Thanks

Richard
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
Are these users going to be allowed to send email to the outside world?
If not, then simply block all outbound SMTP traffic. Most inter-server traffic goes by SMTP, so that would stop them in their tracks.

Odd request - not something that has come up on here before.

Simon.
0
 
LVL 26

Expert Comment

by:Vahik
Comment Utility
OK that is not a problem....create a smtp connector and prevent all users sending through that connector...that will prevent users sending out....but it will not prevent users sending internally or recieving from outside...
0
 
LVL 4

Author Comment

by:rjropes
Comment Utility
Hi

Sorry, bad explanation in the question.

The users are all in one AD, hosted on one Exchange 2003 cluster.

Thus to send from one 'domain' to another 'domain' exchange server sees it as local delivery. Each different site has its own DNS domain name and email tag, all hosted by the main exchange server.

I have already tried the connector approach, but as it is local delivery it does not go through it.

I already have in place a connector for external email that these users are not allowed to send through, which is working fine.

Odd request ... odd needs by odd customers (put angry face here)

Apologies for the confusion

Thanks

Richard
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 26

Accepted Solution

by:
Vahik earned 500 total points
Comment Utility
well since all users are on the same server then u are right about connector and ur only option will be to use query base distribution group for each domain and then use that group to deny email acceptance per user using ADModify
...if it works(never used it) then  u dont have to micromanage adding and removing users....
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
The way that Vahik has outlined is the only way that I can think of doing it. It is simply not something that Exchange was designed to do en-masse.

Simon.
0
 
LVL 4

Author Comment

by:rjropes
Comment Utility
Hi

I know how to create query based distribution groups to include the members that i want, but am then a little unsure as to what I need to do next?

Could you give me a little step by step after I have created the query based dl please

thanks

richard
0
 
LVL 4

Author Comment

by:rjropes
Comment Utility
Hi

After re-reading your comments, this is just about what I said at the start, what I meant by doing it on a per-user basis.

What I was looking for was a way of doing it on a global scale. On first reading your answer I was thinking that the qbdl was to encompass all of the users that I wanted to prohibit sending to rather than having to use a mass tool to change everyones details.

I don't want to go down this route as we have a lot of users that we add / delete on a daily basis and people would slip through the net

Any other ideas?

Thanks

Richard
0
 
LVL 4

Author Comment

by:rjropes
Comment Utility
Hi

I do not think that this question has been answered as the solution is about the same as what I could already do and stated in the question rather than being an answer sorry guys

thanks

richard
0
 
LVL 39

Expert Comment

by:redseatechnologies
Comment Utility
Hi Richard,

I read through the question and accepted Vahik's answer as a solution, simply because the answer here is "what you want to do cannot be done the way you want"

Sorry it didn't work out better for you, the moderator will decide on this in another 3 days or so - they may very well PAQ: Refund it instead of accepting an answer

Thanks

-red
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now