How can I restrict who sends messages to my journaling mailbox?

Hello,

I am new to Exchange 2013 and have enabled journaling. It appears to be working but I have spent several hours trying to work out how to implement message delivery restrictions so that only the Exchange System itself can send emails to the journal mailbox. I know it is not possible to do this in EMC but I cannot find the Command Shell command to do this.

Any help would be greatly appreciated.

Thank you

Alasdair Barclay
AlasdairbAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Simon Butler (Sembee)ConsultantCommented:
Have you hidden the journal mailbox?
If you hide it then it shouldn't be necessary to stop people from sending to it.
Give the mailbox a local only address and then it cannot happen in error in most cases.

I have implemented journaling 100s of times for clients throughout my career, I have never seen anyone send an email to it directly.

Simon.
AlasdairbAuthor Commented:
My journaling mailbox currently has the two email addresses generated by email address policy
sjournaling@mydomain.com (default)
and
sjournaling@mydomain.local

Can I remove the mydomain.com address without breaking anything? Of course this would make it a little safer as no external senders could route to a *.local domain.

I have hidden it from the address book.

I found somewhere that in Exchange 2010 you could do this command to achieve the lockdown, do you agree with this, and if so is it still valid for 2013?

Set-Mailbox "Standard Journaling" -AcceptMessagesOnlyFromSendersOrMembers "Microsoft Exchange" -RequireSenderAuthenticationEnabled $true

Thanks

Alasdair
Simon Butler (Sembee)ConsultantCommented:
I have never run any kind of command to lock down the journal mailbox, so I have no idea on whether that command is valid or not. Having to lock down the journal is not something I have even considered doing.

You can remove the external domain from the email address list - as Exchange doesn't use that for routing internally. As long as it has an email address in a domain that is listed in the Accepted Domains list then it will be fine.

Simon.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AlasdairbAuthor Commented:
Thanks Simon. If it's good enough for you it's good enough for me.

I'll remove the external email address.

Alasdair
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.