Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 279
  • Last Modified:

Exchange 2003 Server

Hey Guys -

So I have this enterprise services division who want to give contractor email address's. Our AD team doesnt want to create user accounts for these external users due to security issues. I wouldnt like to create mailboxes for them in our exchange org due to server folders have anonymous view access.....

How should we deal with this ?

thoughts?

-Z
0
jay79
Asked:
jay79
  • 3
  • 2
  • 2
  • +1
1 Solution
 
mass2612Commented:
Is the AD team won't setup an account that they have access to use then you won't be able to create a mailbox for them as all mailboxes in AD must be associate with an AD account. If the aim of this is to have the contractors appear in the GAL then you can set them up and mail enabled contacts using their personal or external e-mail addresses.

http://support.microsoft.com/?kbid=281926

How to create a contact
1. Start the Active Directory Users and Computers snap-in.
2. Expand the server, and then right-click Users.
3. Click New, and then click Contact.
4. Type a name.
5. Click Modify, click SMTP, and then click OK to create the custom SMTP mail address.
6. Type the SMTP e-mail address, click OK, click Next, and then click Finish.


How to mail-enable a contact
1. Start the Active Directory Users and Computers snap-in.
2. Right-click the contact, and then click Exchange Tasks.
3. Click Next, click to select Establish e-mail addresses, and then click Next.
4. If the contact does not have an alias, enter an alias for the contact.  
5. Click the appropriate e-mail address type, and then type the e-mail address.

Note Click the Advanced tab to configure the Message Format setting.
6. Click OK, click Next, and then click Finish.
0
 
jay79Author Commented:
The aim is to not only receive email as contrator@domain.com but also send email as contractor@domain.com and not as msn.com or yahoo.com ....thoughts ?
0
 
simonpainterCommented:
If your AD team are that tight then they will have to stump up for a separate ex-box and a trusting domain. You can forward unresolved recipients to the new ex box.

Problem is it is costly in terms of licences and tin. Basically as said above, you need an AD account to have a mailbox.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
mass2612Commented:
I agree. If you want the outgoing e-mail to be showing from your company they are going to need an AD account in a domain that has permissions to the Exchange organisation.
0
 
SembeeCommented:
There is nothing to stop the contracts from sending email via their own account with the reply to address set as the company email address. I have done that with a couple of clients.
It depends on how integrated they want to be, and how much control over the contractors email they want.

Simon.
0
 
simonpainterCommented:
Sembee, mate, that does present potential problems in future with SPF and other mechanisms that mail hosts are putting in place to stop domain spoofing.
0
 
mass2612Commented:
Hi Simon,

Do you know of any related articles for doing this? I was under the impression that there would be some kind of issues sending externally due to relay restrictions etc. But I like to learn something new each day that's why  I love this site as it exposes me to issues that I don't get to work on here at work :-)
0
 
SembeeCommented:
Most of the technologies for spoofing aren't very effective. If they were, then there would be lots of services that would break on the internet, or would need to be recoded.

Sometimes you have no choice than to do something like the above, because the ISP that you (as the Outlook Express user) are connected to doesn't allow connections to other SMTP servers.

There is no clean answer without having accounts on the domain.

mass2612
Not sure which bit you aren't clear on. I have an article on setting up the contacts for the external contracts, which is here: http://www.amset.info/exchange/contacts.asp
The Outlook Express bit is as simple as putting the From address in the client to your "company" address. Then send it through your regular ISP.

Going back to the original question. Another option would be to use one of the low end POP3/SMTP servers. Get something like SmarterMail and install it on a Windows 2003 Web Edition machine. You could use the built in POP3/SMTP service, but that would require CALs.

Simon.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now