Results 1 to 9 of 9
  1. #1
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts

    Question Bad practice to allow external users to send to Exchange distrib lists?

    Is it bad practice to allow all external email users (@gmail, @yahoo, etc.) to send to internal Exchange distribution lists? I recently read that this feature was enabled by default on Exchange 2003, but disabled by default on Exchange 2007 and later.

    I have a high-up partner to my organization requesting this feature. I have the option of enabling this, or telling them to create their own email groups in their own Lotus email software. Since this higher up does not know all the people in my organization (40+ people), it would be very difficult for them to keep their personal email group list up to date, which is why I don't like that option for them.

    The feature is controlled by the "Require that all senders are authenticated" check box.

    In Exchange 2010:
    Exchange Management Console -> Microsoft Exchange On-Premises -> Recipient Configuration -> Distribution Group -> [Select a distribution group] -> Right click, properties -> Message Delivery Restrictions -> Uncheck "Require that all senders are authenticated".

    This would be my ideal solution -
    Is it possible to enable email users from just that one partner's external domain (@theircompany.com) to be able to email to my Exchange distribution lists? If so, please provide detailed Exchange 2010 steps.

    Thank you!
    Peter
    Peter
    Support for a large nonprofit
    Projects

  2. #2
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    We allow external users to email some distribution lists but not all. The ones that we allow are generic enough (i.e. sales, support, etc.) that trying to figure out how to limit them is more trouble than it is worth.

    I don't believe you can use Message Delivery Restrictions to allow an external domain.

    You could try creating a Hub Transport Rule where you have more flexibility.

    Joe

  3. #3
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by JoeP517 View Post
    You could try creating a Hub Transport Rule where you have more flexibility.
    Joe
    Can you point me to any online tutorials on hub transport rules? I have not worked with them.

    Thank you,
    Peter
    Peter
    Support for a large nonprofit
    Projects

  4. #4
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    They are very similar to Outlook rules in the way they are constructed. There is a wizard that walks you through the process.

    For more information on creating transport rules, open the EMC, click Microsoft Exchange On-Premises -> Organization Configuration -> Hub Transport. Then click on the "Transport Rules" tab and then Help.

    Joe

  5. #5
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by JoeP517 View Post
    They are very similar to Outlook rules in the way they are constructed. There is a wizard that walks you through the process.

    For more information on creating transport rules, open the EMC, click Microsoft Exchange On-Premises -> Organization Configuration -> Hub Transport. Then click on the "Transport Rules" tab and then Help.

    Joe
    I found this on Technet:

    An accepted domain is any SMTP namespace where this Exchange organization sends and receives e-mail on behalf of recipients. Authoritative domains are accepted domains where the recipients' mailboxes are in this Exchange organization. Relay domains are accepted domains where the recipients' mailboxes aren't in this Exchange organization and the mail has to be relayed to an external e-mail server or Exchange organization for delivery to the recipient.
    and this on technet:


    • Authoritative Domain To specify that e-mail messages are delivered to a recipient that has a domain account in your Exchange organization, select this option.
    • Internal Relay Domain To specify that e-mail messages are either delivered to recipients in your organization or relayed to a server outside your Exchange organization but still under the authority of your company or IT department, select this option.
    • External Relay Domain To relay e-mail messages to an e-mail server outside the Exchange organization, select this option.
    But I don't see anything about accepting messages from other domains, mostly about sending messages to other domains.

    Any help is appreciated.
    -Peter
    Peter
    Support for a large nonprofit
    Projects

  6. #6
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,175
    Thanks
    47
    Thanked 981 Times in 911 Posts
    I prefer mail enabled public folders for external mail. Simple to manage via permissions and prevents spam clogging everyone's email.

    cheers, Paul

  7. #7
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Paul T View Post
    I prefer mail enabled public folders for external mail. Simple to manage via permissions and prevents spam clogging everyone's email.

    cheers, Paul
    Teaching some users how to use public folders, or simply getting them to check there email everyday can be a tall order at some organizations. I have worked at some where users still haven't adopted reading their work email daily and prefer to use email as little as possible. In my case, I don't think adopting public folders is the option for me.


    Quote Originally Posted by JoeP517 View Post
    We allow external users to email some distribution lists but not all. The ones that we allow are generic enough (i.e. sales, support, etc.) that trying to figure out how to limit them is more trouble than it is worth.
    How do you allow some distribution lists to be open to external users, but not all?


    Quote Originally Posted by JoeP517 View Post
    You could try creating a Hub Transport Rule where you have more flexibility.
    Since I don't know how to do this, and I didn't get any feedback on this option, I won't be able to do this.

    So I have two choices. Just send the outside user a flat file with all the emails comma separated, or open up my Exchange distribution to outside users, and risk spam (per my original post). My main question is whether or not that is a bad practice.

    Thanks,
    Peter
    Peter
    Support for a large nonprofit
    Projects

  8. #8
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    I still think a Transport Rule is your best bet. Go to Microsoft Exchange On-Premises -> Organization Configuration -> Hub Transport -> Transport Rules. In the Action Pane click on "New Transport Rule" or in the result pane (in the center) click on a blank spot and select "New Transport Rule". The wizard will start. You can deselect "Enable Rule" on the first screen, build the rule, check it visually, finish the wizard. Then go back and enable the rule. If you've ever created an Outlook rule you can figure out a Trabsport Rule.

    Joe

  9. #9
    Star Lounger Techie's Avatar
    Join Date
    Dec 2009
    Location
    Philadelphia, PA, USA
    Posts
    62
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Ok, I'll give it a try - I use Outlook rules all the time.
    Peter
    Support for a large nonprofit
    Projects

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •