Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Blocking user from Being sent emails to External
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Blocking user from Being sent emails to External - 18.Nov.2007 4:08:23 AM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
Hi,
I know this exchange version is not listed in here for any discussion, but i wonder if some1 can help me to achieved this.
I want to block all the users from being exchanging external emails and allow only the people who have permission to send outbound emails.
Can i do that with Exchange 5.5?
How that can be achieved.
BR,
Habibalby
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 19.Nov.2007 8:13:52 AM
|
|
|
zbnet
Posts: 812
Joined: 25.Sep.2003
From: Manchester, UK
Status: offline
|
Create a new DL, call it something like "Allow External messages". Add all the people you want to be able to send external email to this DL.
In the Connections contaner of Exchange Admin, look at the Properties of IMS, click the 'Delivery Restrictions' tab, and add the new DL to the left-hand pane (Accept messages from). Click OK as many times as you need to close the window.
Stop and restart the IMS service for the change to take effect.
Once you done all this, the membership of the DL effectively controls who is permitted to email externally - you could even delegate that task to an HR perosn or similar by making them the owner of this DL.
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 19.Nov.2007 11:35:00 PM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
Hi zbnte,
Thank you very much for this help. However, I have created the Distrubtion group and assigned all the users who are permited to send external emails, and added them the IMS Connector in the Connection Gategory to the Accept Messeges, and then added the Group which i have created. I have stopped and restarted the IMS Service, tested it with one user is not belongs to that group, but still he is able to send external emails. Then i have added this user to the Reject Messages from, without stopping and restarting the service it works.
Does that mean, i have to create two Groups, 1 Deny Users and add all the users who are not allow to exchange external emails and add it to the Reject Messages From and create another group to Allow users to exchange external emails and add it to the Accept Messages From?
Thanks,
Habibalby
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 20.Nov.2007 4:00:38 AM
|
|
|
zbnet
Posts: 812
Joined: 25.Sep.2003
From: Manchester, UK
Status: offline
|
You shouldn't need 2 groups, as the actions should be iverse for people not mentioned in the group.
Maybe the first option didn't wrk because the default behaviour of the connector is to pass traffic anywaty; in this case invert the meaning of the group (members NOT allowed to send) and put the group in the Reject (right-hand) pane. Then anyone not in the group will be able to send by default.
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 20.Nov.2007 5:25:45 AM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
quote:
ORIGINAL: zbnet
You shouldn't need 2 groups, as the actions should be iverse for people not mentioned in the group.
Maybe the first option didn't wrk because the default behaviour of the connector is to pass traffic anywaty; in this case invert the meaning of the group (members NOT allowed to send) and put the group in the Reject (right-hand) pane. Then anyone not in the group will be able to send by default.
Why shouldn't have two group if the one group didn't work?
Now i have Ready Group called External Users. All the users who has permission to send external emails are member of this group. Do I have to put this group in the Accept Messages From, defual is All, change it to List and Add the External Users group?
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 21.Nov.2007 4:35:25 AM
|
|
|
zbnet
Posts: 812
Joined: 25.Sep.2003
From: Manchester, UK
Status: offline
|
Your testing has proved that even with a group of users who are allowed to send in the Accept portion, still users who are not listed can send to the internet.
That's why I suggested you inverted the setup. Create instead a group of people who are NOT allowed to send to the Internet, and put that group in the righthand Reject pane. Then if any of these people send, they will be rejected. Anyone else not in that group would then, by default, be allowed to send (you therefore wouldn't need a seperate group for people alloweds to send).
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 21.Nov.2007 4:56:41 AM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
Yes, it works now after restarting the exchange servers. The group whcih have created and includes all the External Users, is added in the Delivery Restriction as Accept Messages From. And it works.
But, one more thing. Still receiving emails from External Domains even if the users are not member of this group. How can i rectified that?
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 21.Nov.2007 6:27:28 AM
|
|
|
zbnet
Posts: 812
Joined: 25.Sep.2003
From: Manchester, UK
Status: offline
|
Ah - so you need to block the receiving of SMTP messages as well as the sending of SMTP messages?
The only way to do this in Exchange 5.5 is to remove the SMTP proxy address(es) from the mailboxes that you don't want to receive external email. Yes, I know it's clunky, but there you go.
If you have a smarthost between Exchange and the Internet, you can also implement a solution there, but if Exchange is your only mailing system then removing individual SMTP addresses is the way to do it.
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 21.Nov.2007 6:36:14 AM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
Hi,
Yes i have an SMTP Server in the Internal Network that communicates with Exchaneg Server via the IMS Connector and Static Route is added in the SMTP Server to reach to the IMSS Server in the DMZ Network. The IMSS Server is reaching the SMTP Server in the which is in the Internal Network.
In this setup is there anyway can restrict the delivery to the users who are not allowed to send and receive External Email?
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 22.Nov.2007 12:30:16 AM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
Yes, it works by removing the SMTP Address on the Individual account, but imaging 900 accounts we have, 150 out of these uses externally, remaing 750 users :).
How can i control this from the SMTP Server which is between the Exchange and the IMSS?
Thanks,
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 22.Nov.2007 7:01:53 AM
|
|
|
zbnet
Posts: 812
Joined: 25.Sep.2003
From: Manchester, UK
Status: offline
|
Forgive me, but it's hard to recommend the specifics of a solution to implement SMTP blocking on the SMTP server when you haven't even told me what sort of server it is! Sendmail? Postfix? MailSweeper? The solution is similar, but the details different in each case.
Basically you want the SMTP server to filter incoming emails based on a list of users that are allowed to receive external email, and reject the rest. That's the basics of what you want.
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 22.Nov.2007 8:38:36 AM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
quote:
Basically you want the SMTP server to filter incoming emails based on a list of users that are allowed to receive external email, and reject the rest. That's the basics of what you want.
Hi once again, it;s okay. Yes, that's what i need. I have the triditional Microsoft SMTP running on IIS on win2k server. In this case, can i implement this policy rather than removing all the SMTP Address from the user proberties? or removing the SMTP will be better?
BR,
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 27.Nov.2007 6:49:16 AM
|
|
|
zbnet
Posts: 812
Joined: 25.Sep.2003
From: Manchester, UK
Status: offline
|
Unfortunately the MS IIS server doesn't natively have the function to deliver only if the destination addresses matches a list of valid recipients (I guess it could be done by an event sink, but that's non-trivial).
If you were running something like a Postfix server in this role, it would simply be a matter of populating the Relay_Recipients table with the list of valid addresses - email to all other addresses would be NDRed.
|
|
|
|
|
RE: Blocking user from Being sent emails to External - 27.Nov.2007 7:02:31 AM
|
|
|
habibalby
Posts: 18
Joined: 18.Nov.2007
Status: offline
|
Hi,
Thakns for your help, I really appreciated. I have removed all the SMTP Address from the users who are not require external emails. However, i Have another thread already posted in this forum regarding the Auto Forward. Can you look at it?
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
