• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 284
  • Last Modified:

How do I create emails that can only receive and send email to one domain?

Hello again helpful Exchange 2010 experts! I had my boss ask me to today to add like 100 new user accounts to our Exchange server. He wants these users to only send and receive email from our domain. Him and I are worried some employees may abuse the email if we don't limit it and they refuse to enforce rules. I would swear that there should be a way to do this without making it server wide. We trust our business office users with email, but the new ones are remote and again they are bad about following rules.

Any thoughts on this would be much appreciated.

Jami
0
JamiBenson
Asked:
JamiBenson
  • 7
  • 4
1 Solution
 
setasoujiroCommented:
the easiest way would be to have them use a .local email address, this way they can only use internal maill.

You could also make a new send connector to prohibit these users.
0
 
expert02232010Commented:
you want to limit them to only internal mail, correct?

yes, you can do that.  create a special distribution group for those users.  then you would create a Transport Rule

you would select "from a member of distribution list"  and choose that new group
"from users inside or outside the organization" (then click the inside and change it to outside)
"sent to users inside or outside..."  (change to outside)
then click next.
select: "send bounce message to sender with enhanced status code"  you can modify the text if you want.

you may need to split it into two rules, one for the "sent to"  outside and one for the "from" outside.
0
 
JamiBensonAuthor Commented:
Internal Mail only yes expert.

I will give that a shot and see if it works for me. That definitely seems like a plan though. Now with these users not being on our actual network this should work correct?

Thanks again!!

jami
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
JamiBensonAuthor Commented:
Also just to clarify so I understand Distribution Groups better, this does allow me to give each person there own email address right?

Thanks a third time :)
0
 
expert02232010Commented:
yes, each person can have their own address, they would be a member of the distribution group.
you can add/remove members from the group to control the mailing ability.

for additional flexibility you could have two groups as well.  one for who is blocked from sending outside, and one for those blocked from receiving from outside.  and users can be members of both.

They could also still be members of other distribution groups as well, though if you have distribution group that can accept external mail, members may receive those e-mails even if they are in the internal only group.  I'm not sure where it does the extraction of membership.
0
 
JamiBensonAuthor Commented:
Third email lol. I have tried this and it doesn't seem to be working. I have the user in the distribution group and have set up the transport rule. I am sending from my personal gmail and it continues to get through. Any thoughts? I can send screen shots if necessary.
0
 
JamiBensonAuthor Commented:
Yeah we don't want them sending or receiving anything from the outside world since some folks will not follow rules. I don't want to have to pull a virus off our email server. I just fixed it once this week :P

Thanks again for all your help so far. Us noob Exchange Admins really appreciate it :D
0
 
expert02232010Commented:
do you have any other transport rules?  this would need to be above them in priority.

does the sending rule work?
0
 
JamiBensonAuthor Commented:
This is my only transport rule. I know we have some domains frozen, but we don't have any transport rules.

Interesting thing just happened. I redid the group and the rule. It's now moving the email to the junk folder.

Any thoughts??

Thanks again :)
0
 
expert02232010Commented:
I hadn't done the external blocking before.  so I just tried it, and initially it failed to block.
then I redid the rule using the specific user and it did block it.

so looks like the group doesn't work for the inbound very well.  you can either add each user, or for those mailboxes you can limit the "Message Delivery Restrictions" to  "Require that all senders are authenticated"  because external will not be authenticated.

http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/restricting-users-send-receive-external-messages-exchange-server-2007.html

0
 
JamiBensonAuthor Commented:
Thanks so much! I am going to just add each user. I think we are only going to have about 50 now so that shouldn't be too difficult.

Thanks again for all your help! It's very much appreciated :)


Jami
0
 
JamiBensonAuthor Commented:
Works like a charm!!
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now