Exchange 2010 send on behalf of distribution group

Posted on 2011-09-26
Last Modified: 2012-05-12
I used to be able to send from a distribution group when we had Exchange 2003, these groups have worked since we have upgraded to Exchange 2010. However if we have needed to amend the group details then we have had to change the group from 'Mail Non-Universal' to 'Mail Universal Distribution'

There are to groups in particular which are not behaving the same since being converted to 'Mail Universal Distribution'.

accounts@domainname and support@domainname I can send from the support address but not from the accounts one this has only happened since changing the account group to the 'Mail Universal Distribution' last week. The support group was a long time before that and works fine.

When I try to send a massage as accounts I get this message…

Delivery has failed to these recipients or groups:
You can't send a message on behalf of this user unless you have permission to do so. Please make sure you're sending on behalf of the correct sender, or request the necessary permission. If the problem continues, please contact your helpdesk.

Diagnostic information for administrators:

Generating server:
#MSEXCH:MSExchangeIS:/DC=local/DC=DOMAIN:SERVER[578:0x000004DC:0x0000001D] #SMTP#
Question by:Fubschuk
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
LVL 49

Accepted Solution

Akhater earned 500 total points
ID: 36708222
open ADUC -> View Advanced Features -> find the group -> RIght click properties -> security

ad the user and give it sendas permission

Author Comment

ID: 36708437
Already tried that, but no sucsess. the support@domainname has sendas ticked for 'Authenticated Users' and I have tried the same with the accounts@domainname but this didn't work. I have also added myself to the group in ADUC and tried adding the sendas and even giving full permission but still no joy.

Any other ideas
LVL 29

Expert Comment

ID: 36716920
I'm not convinced that it can be done really.  I probably would have just said "You can't".   A Distrib Group is not a User Account, and more importantly it does not have a mailbox, and I think that makes a difference.   When mail comes in to a Distrib Group the Distrib Group does not hold it because there is no where to hold it,...all it does is re-associate the message with the multiple mailboxes of the Group's Members.  Now you could set the "send on behalf of" toward one of the Group's Members individually, but not the group.

The whole thing is a waste of time anyway.  It is still going to show coming from the user that really sent it anyway.  If the user sending is JSmith then the message they send is going to say  From: JSmith on behalf of DistribGroup.  There are obvious legal reasons for this, prevents fraudulent emails be sent from one person but disguised as someone else.  For example an employee of the company gets "send on behalf" of rights against the company's CEO, the employee sends the message "on behalf of" the CEO to the Mayor and Chief of Police and flames them calling them every name in the book in an attempt to cause the CEO grief.  The behavior of Exchange prevents this from happening.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 49

Expert Comment

ID: 36716946
sorry I missed your reply, please try sending from OWA and not from outlook see if there is a difference in the behavior

to pwindell, it can be done 100%

Author Comment

ID: 36717006
SEND AS is working now, must have be propagation delay from AD with the security settings.
LVL 49

Expert Comment

ID: 36717047
it is not a propagation delay rather the time needed for your outlook to get the new OAB (offline address book) that's why I asked you to try from OWA

thanks for the updates and the points
LVL 29

Expert Comment

ID: 36717115
Very good.
So it is possible after all.

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My attempt to use PowerShell and other great resources found online to simplify the deployment of Office 365 ProPlus client components to any workstation that needs it, regardless of existing Office components that may be needing attention.
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question