• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

How to limit a group users from Send/Rec mail to/from all external domains except the Client?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2007] >> Message Routing >> How to limit a group users from Send/Rec mail to/from all external domains except the Client? Page: [1]
Login
Message << Older Topic   Newer Topic >>
How to limit a group users from Send/Rec mail to/from a... - 8.Apr.2009 1:35:23 PM   
YoungBlood

 

Posts: 8
Joined: 8.Apr.2009
Status: offline
Hi,

This is my first post to any such site & I'm excited to hear back.
My requirement goes like this:

Currently, I have the following:
-Exchange Server 2007 with SP1 is hosted across all offices geographically & my ONLY email domain is, "cashcowcapitalgroup.com".
-There is no restriction to any user from sending/receiving internet email.

My Requirement:
-For a special team, that is spread across all offices, I want to restrict them the ability to 'send OR receive' email to any external domain except the Client Domain & Internal Domain. For Ex: My Client domain is, "abcgroup.com". In that special team member's mailbox, there must be only two types of emails,
1. "cashcowcapitalgroup.com" & 2."abcgroup.com"
No Gmail, Yahoo etc or any other domain email must be present.

I broke this problem in two parts - Incoming Emails & Outgoing Emails.
 
Incoming Emails:
I created a DL with all the members of the special team in that & then set a rule saying, mail sent to any member of that DL from Outside the Organisation must be bounced back except if the "From Field" has specific words mentioned, like "abcgroup.com". This will block all incoming external emails if they don't have the domain "abcgroup.com"

Outgoing Emails:
Similarly, I cannot create a rule for that DL members sending outside emails because the exception lists doesn't have "Except if the To Field has specific words" for me to specify the parameter.
How to achieve this? If you have a way to do both differently please share it with me. I saw many posts very closely related to this but this is different because only a small group of users across all offices must face this restriction. I know how to put restriction to all at a time but that is not my requirement.
Since my post is long, i know many may get confused but my apologies & thanks for reading this with patience.

Thanks
YoungBlood
Post #: 1
RE: How to limit a group users from Send/Rec mail to/fr... - 8.Apr.2009 11:03:25 PM   
ravisha_22

 

Posts: 445
Joined: 16.Sep.2008
Status: offline
You can use the "Except when the text <> appears in the <message header>" exception rule to specify abcgroup.com and TO as the message header.

Additional info:

Just verified this, works fine. You can additionaly specify the action as either silent drop or if you want to have a record, can make the rule log a event(atleast for testing purpose).

< Message edited by ravisha_22 -- 8.Apr.2009 11:13:49 PM >


_____________________________

Ravishankar

(in reply to YoungBlood)
Post #: 2
RE: How to limit a group users from Send/Rec mail to/fr... - 9.Apr.2009 2:04:53 AM   
YoungBlood

 

Posts: 8
Joined: 8.Apr.2009
Status: offline
Thanks Ravish! I created the rule & yet to test it. For message Header I mentioned, like this (without quotes) To;Cc;Bcc because what if the user specifies the email address (Third Party's, like Hotmail) in Cc or Bcc.
Also, I suspect another problem with this is, when specific word is present in any of these header fields it will release the mail to another email domains mentioned along with it, like in To if you have *@hotmail.com and a *@yahoo.com along with client's email (abcgroup.com) then it release mail to hotmail as well as to yahoo event though yahoo is blocked.
Any thoughts on this! Have you tested such a scenario.

Thanks in advance again.

YoungBlood

(in reply to ravisha_22)
Post #: 3
RE: How to limit a group users from Send/Rec mail to/fr... - 9.Apr.2009 3:51:41 AM   
ravisha_22

 

Posts: 445
Joined: 16.Sep.2008
Status: offline
Im not sure whether the Exception filter will take mutiple values for the Header feild, so check that out. Also your concern about mails being allowed when sent with a abcgroup.com address getting thorugh is true, they will go through as it matches the exception filter.

This is the normal behaviour since we are talking about allowing mails only for one domain and there no Firewall filter like setting to do that..  

_____________________________

Ravishankar

(in reply to YoungBlood)
Post #: 4
RE: How to limit a group users from Send/Rec mail to/fr... - 9.Apr.2009 9:07:45 AM   
YoungBlood

 

Posts: 8
Joined: 8.Apr.2009
Status: offline
Thanks! If the mail goes out to other domains along with the client's then this solution poses a risk. Also, the limitation of Header accepting multiple values is not confirmed yet.
Can anyone think in terms of customizing the Send Connectors through Exchange Shell or creating Custom Rule from Command Line etc?
I don't have Edge Transport Server in my Organisation, if i bring that in, is there a definite solution.

Thanks
Najeeb




(in reply to ravisha_22)
Post #: 5
RE: How to limit a group users from Send/Rec mail to/fr... - 11.Apr.2009 7:14:46 AM   
YoungBlood

 

Posts: 8
Joined: 8.Apr.2009
Status: offline
Hi

I found a lengthy alternative solution that would work in this case. I'm posting it here, so that if there is something wrong with it or if it is good I will get a review for my own solution.
My requirement was to restrict a single team of users to be able to send/rec from only 1 domain on the internet (the Client's Domain).
For sending, we can create contacts in EMC for those client's email address & put them in a named Client DL. Use this DL to set-up a Transport Rule to block all messages sent from a member of the Internal Team Dl to Outside the Organisation except to the Client DL members listed above.
We can separately create contacts for all the client team or use their Team's dl SMTP address to create a contact in EMC. Now, the problem of this is, all client contacts would be visible in GAL.
This would work seamlessly, i think.

I appreciate your feedback.

Thanks
YoungBlood

(in reply to YoungBlood)
Post #: 6
RE: How to limit a group users from Send/Rec mail to/fr... - 28.May2009 8:04:52 AM   
Grimmy

 

Posts: 1
Joined: 28.May2009
Status: offline
Does anybody have a working solution to this one? Creating contacts is out of question as our contractor is pretty big....

I have a group of people that should be able to receive anywhere but send only internally and to one external domain.

(in reply to YoungBlood)
Post #: 7

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2007] >> Message Routing >> How to limit a group users from Send/Rec mail to/from all external domains except the Client? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter