Exchange 2007 send to permission


In our Exchange 2007 server, there are about 15 mailboxes and one user would like to have some sort of email restriction.

How can I configure Exchange to allow or block a particular list of external users and internal users to directly deliver their emails to his mailbox. For example, he does not want to receive emails from a few internal users and want to receive emails from allowed external emails.

Currently, the old sysadmin guy made a mail-enabled security group (universal) called "email addresses allowed send" and added internal users to this group as well as external users (gmail or yahoo users). In the security tab of the group, there are many groups which make me confusing - the groups are:

Authenticated Users
Exchange servers recipient administrator
Domain admins
Enterprise admins
Account operators
Windows authorization access group
Enterprise domain controller

I am having difficulties to find which group has the send to permission.

For a testing purpose, I have used a different user account to send an email to his inbox but it does not deliver to his inbox - I can see it was sent from the user's outlook. This email should deliver to his mailbox as the user account is added to the security group but the sent email is not delivered to his mailbox..
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Manikandan NarayanswamySecurity Specialist & IBM Security GuardiumCommented:

First of all to block or unblock certain emails like whether certain users should not be able to send email over the internet. Or the user doesn't want to receive certain emails from internal users are two different requirements which you can accomplish using transport rule. Now coming back to the email addresses allowed send group definitely the old administrator must have created a transport rule to address this issue i would recommend you to dig the transport rule in exchange 2007. Digging through each group to retrieve the send to permission will cumbersome task. Therefore i recommend to search the transport rule. In fact to achieve email restriction you have to create an Transport Rule anyways.

Refer the below link for Transport Rule creation

I have pasted three links for your reference. However i recommend you to use the link because there the steps have been nicely explained.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.