Solved

Restricting users from sending internal email

Posted on 2006-06-30
13
334 Views
Last Modified: 2010-03-06
Hi

We have a number of sites in a large AD.

I would like users in one specific site to only be allowed to send email to that particular site.

I realise that I can set every other user in the AD to not accept mail from users in this site on a per user basis, but I would like to apply this to just the users in the problem site otherwise management becomes a major pain.

Basically, site A has its own domain name, sitea.com. Site A is not allowed to send email to siteb (siteb.com) or sitec (sitec.com) etc etc.

Any help greatly appreciated, if you need further info ask away

Richard
0
Comment
Question by:rjropes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
13 Comments
 
LVL 26

Expert Comment

by:Vahik
ID: 17016829
Use ADModify tool to apply mass change to active directory users...
do a google serach and download....no traning is needed to run the tool...very easy..
0
 
LVL 4

Author Comment

by:rjropes
ID: 17016873
I want to avoid doing mass changes to every user in AD as any new users will be missed from the changes so am looking for a different solution

Thanks

Richard
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17017023
Are these users going to be allowed to send email to the outside world?
If not, then simply block all outbound SMTP traffic. Most inter-server traffic goes by SMTP, so that would stop them in their tracks.

Odd request - not something that has come up on here before.

Simon.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 26

Expert Comment

by:Vahik
ID: 17017074
OK that is not a problem....create a smtp connector and prevent all users sending through that connector...that will prevent users sending out....but it will not prevent users sending internally or recieving from outside...
0
 
LVL 4

Author Comment

by:rjropes
ID: 17017151
Hi

Sorry, bad explanation in the question.

The users are all in one AD, hosted on one Exchange 2003 cluster.

Thus to send from one 'domain' to another 'domain' exchange server sees it as local delivery. Each different site has its own DNS domain name and email tag, all hosted by the main exchange server.

I have already tried the connector approach, but as it is local delivery it does not go through it.

I already have in place a connector for external email that these users are not allowed to send through, which is working fine.

Odd request ... odd needs by odd customers (put angry face here)

Apologies for the confusion

Thanks

Richard
0
 
LVL 26

Accepted Solution

by:
Vahik earned 500 total points
ID: 17017213
well since all users are on the same server then u are right about connector and ur only option will be to use query base distribution group for each domain and then use that group to deny email acceptance per user using ADModify
...if it works(never used it) then  u dont have to micromanage adding and removing users....
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17017250
The way that Vahik has outlined is the only way that I can think of doing it. It is simply not something that Exchange was designed to do en-masse.

Simon.
0
 
LVL 4

Author Comment

by:rjropes
ID: 17029607
Hi

I know how to create query based distribution groups to include the members that i want, but am then a little unsure as to what I need to do next?

Could you give me a little step by step after I have created the query based dl please

thanks

richard
0
 
LVL 4

Author Comment

by:rjropes
ID: 17099829
Hi

After re-reading your comments, this is just about what I said at the start, what I meant by doing it on a per-user basis.

What I was looking for was a way of doing it on a global scale. On first reading your answer I was thinking that the qbdl was to encompass all of the users that I wanted to prohibit sending to rather than having to use a mass tool to change everyones details.

I don't want to go down this route as we have a lot of users that we add / delete on a daily basis and people would slip through the net

Any other ideas?

Thanks

Richard
0
 
LVL 4

Author Comment

by:rjropes
ID: 17288772
Hi

I do not think that this question has been answered as the solution is about the same as what I could already do and stated in the question rather than being an answer sorry guys

thanks

richard
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 17292224
Hi Richard,

I read through the question and accepted Vahik's answer as a solution, simply because the answer here is "what you want to do cannot be done the way you want"

Sorry it didn't work out better for you, the moderator will decide on this in another 3 days or so - they may very well PAQ: Refund it instead of accepting an answer

Thanks

-red
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question