Solved

Restricting users from sending internal email

Posted on 2006-06-30
13
331 Views
Last Modified: 2010-03-06
Hi

We have a number of sites in a large AD.

I would like users in one specific site to only be allowed to send email to that particular site.

I realise that I can set every other user in the AD to not accept mail from users in this site on a per user basis, but I would like to apply this to just the users in the problem site otherwise management becomes a major pain.

Basically, site A has its own domain name, sitea.com. Site A is not allowed to send email to siteb (siteb.com) or sitec (sitec.com) etc etc.

Any help greatly appreciated, if you need further info ask away

Richard
0
Comment
Question by:rjropes
  • 5
  • 3
  • 2
  • +1
13 Comments
 
LVL 26

Expert Comment

by:Vahik
ID: 17016829
Use ADModify tool to apply mass change to active directory users...
do a google serach and download....no traning is needed to run the tool...very easy..
0
 
LVL 4

Author Comment

by:rjropes
ID: 17016873
I want to avoid doing mass changes to every user in AD as any new users will be missed from the changes so am looking for a different solution

Thanks

Richard
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17017023
Are these users going to be allowed to send email to the outside world?
If not, then simply block all outbound SMTP traffic. Most inter-server traffic goes by SMTP, so that would stop them in their tracks.

Odd request - not something that has come up on here before.

Simon.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 17017074
OK that is not a problem....create a smtp connector and prevent all users sending through that connector...that will prevent users sending out....but it will not prevent users sending internally or recieving from outside...
0
 
LVL 4

Author Comment

by:rjropes
ID: 17017151
Hi

Sorry, bad explanation in the question.

The users are all in one AD, hosted on one Exchange 2003 cluster.

Thus to send from one 'domain' to another 'domain' exchange server sees it as local delivery. Each different site has its own DNS domain name and email tag, all hosted by the main exchange server.

I have already tried the connector approach, but as it is local delivery it does not go through it.

I already have in place a connector for external email that these users are not allowed to send through, which is working fine.

Odd request ... odd needs by odd customers (put angry face here)

Apologies for the confusion

Thanks

Richard
0
Why won’t your email signature format correctly?

Struggling to get your corporate email signatures to format correctly? Does the logo keep resizing? Is the text appearing too big? What can you do to prevent this? Find out how you can save your signatures today.

 
LVL 26

Accepted Solution

by:
Vahik earned 500 total points
ID: 17017213
well since all users are on the same server then u are right about connector and ur only option will be to use query base distribution group for each domain and then use that group to deny email acceptance per user using ADModify
...if it works(never used it) then  u dont have to micromanage adding and removing users....
0
 
LVL 104

Expert Comment

by:Sembee
ID: 17017250
The way that Vahik has outlined is the only way that I can think of doing it. It is simply not something that Exchange was designed to do en-masse.

Simon.
0
 
LVL 4

Author Comment

by:rjropes
ID: 17029607
Hi

I know how to create query based distribution groups to include the members that i want, but am then a little unsure as to what I need to do next?

Could you give me a little step by step after I have created the query based dl please

thanks

richard
0
 
LVL 4

Author Comment

by:rjropes
ID: 17099829
Hi

After re-reading your comments, this is just about what I said at the start, what I meant by doing it on a per-user basis.

What I was looking for was a way of doing it on a global scale. On first reading your answer I was thinking that the qbdl was to encompass all of the users that I wanted to prohibit sending to rather than having to use a mass tool to change everyones details.

I don't want to go down this route as we have a lot of users that we add / delete on a daily basis and people would slip through the net

Any other ideas?

Thanks

Richard
0
 
LVL 4

Author Comment

by:rjropes
ID: 17288772
Hi

I do not think that this question has been answered as the solution is about the same as what I could already do and stated in the question rather than being an answer sorry guys

thanks

richard
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 17292224
Hi Richard,

I read through the question and accepted Vahik's answer as a solution, simply because the answer here is "what you want to do cannot be done the way you want"

Sorry it didn't work out better for you, the moderator will decide on this in another 3 days or so - they may very well PAQ: Refund it instead of accepting an answer

Thanks

-red
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Find out what you should include to make the best professional email signature for your organization.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now