Creating a group in AD to 'whitelist' message restrictions on outside senders

Posted on 2009-04-15
Last Modified: 2012-05-06
We've been receiving a large amount of spam to a particular distlist on our domain (, and I want this distlist to only accept emails from domain accounts and a handful of external addresses (mainly our board of directors and email newsletters).

I've set this up in AD under message restrictions to only accept messages from internal staff and have manually added the external email addresses. This setup works fine, but I'm wondering whether I can add all of the 'whitelisted' email addresses as contacts to a group and then only add the group to the exception list. The reason being is that the email addresses are likely to change from time to time and I'd rather manage them in AD rather than have to update the exception list each time.

Related to 23305781
Question by:skibbawackle
    LVL 70

    Expert Comment

    by:Chris Dent

    You should be able to. When you add a group to the delivery restrictions area Exchange treats it as if each member of the group was added.

    Perhaps the best way to test it would be to create a dummy distribution list, then set permission to send to for a public e-mail address belonging to yourself via another group. I see no reason for it to fail, but it wouldn't hurt to check.


    Accepted Solution

    Yeh it should work in theory but it doesn't - at least not using Exchange 2003. I added my Gmail account as a contact and made it a member of the existing group that I wanted to whitelist but kept getting the message return as rejected.

    When I added the Gmail contact directly to the allowed list, the messages went through - but only as an individual contact exception.


    Author Comment

    I haven't been able to find anything else on this after extensive searching. Anyone else found a way to get it working?

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
    Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
    To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now