We help IT Professionals succeed at work.

Restrict Outbound Emails

zito2000
zito2000 asked
on
Medium Priority
26 Views
Last Modified: 2020-03-25
Environment: On Prem Exchange 2013

I'm hoping this is an easy one.
If I have a user "John Smith" and I wanted to restrict his ability to send emails to ANYONE (whether internal or external emails) EXCEPT to his Manager, is there a way to do that?  I've been looking into transport rules, but can't seem to hammer down the correct configuration.

So to recap how it should work:
John sends an email to his manager --> Success
John sends an email to another internal employee --> Fails
John sends an email to an outside email address --> Fails
Comment
Watch Question

IT Director
CERTIFIED EXPERT
Commented:
Create a mail flow rule

- If the sender is (sender)
- if the recipient is external to the org
- if the recipient is a member of a group - create a dynamic DL which includes everyone inside the org
- add an exception for the one person that the sender can send to
zito2000Network Manager

Author

Commented:
Excellent suggestion!
Not sure why it's not working, to be honest...

The rule is:

Apply this rule if
  • The sender is *John Smith*
and
  • The recipient is located Outside the organization
and
  • The sender is a member of *Our Internal Building Distribution List*
 

I even removed the last item, just restricting outside sending of emails, but they still go through.
The rule is enforced, and it's the highest priority.
Hayes JupeIT Director
CERTIFIED EXPERT

Commented:
hmmm... ok... ummm, next step - check the message tracking logs - you should see the messages from this user get checked against the rule as per this article  - https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/test-mail-flow-rules
zito2000Network Manager

Author

Commented:
Oh Wait, it just started working!  With this configuration:

Apply this rule if
The sender is *John Smith*
and
The recipient is located Outside the organization

I'm guessing it must have taken a little while.  I am now adding the last entry:
The recipient is a member of *Our Internal Building Distribution List*

Going to test that too.
Stay Tuned
zito2000Network Manager

Author

Commented:
So still troubleshooting, but if I had to guess, this must be broken up into 2 separate rules.
Reason is:
The recipient is located Outside the organization
and
The recipientsis a member of *Our Internal Building Distribution List*


These are conflicting statements.  There is no way someone could be OUTSIDE OF THE ORGANIZATION, but also a member of our internal building dist. list.  Since the rules use the "and" command, it's not possible.  If it was the "OR" command, then it could work.

I'm trying to just have 2 separate rules now.
Hayes JupeIT Director
CERTIFIED EXPERT

Commented:
i see what your saying... good point - just remember to put the exemption in for the manager on the internal distribution list one.
zito2000Network Manager

Author

Commented:
Hayes helped me out big time with this!  Greatly appreciated.