A question that comes up many times in forums is how to block users from sending emails outside the organization in Exchange 2007. Though the process is simple, I though I will blog it & make it easier for me to answer those questions in the forum by providing the link!
If you have many users or say a department that you want to block from sending emails outside, you can create a transport rule in Exchange 2007. In order to create a rule that blocks people from mailing outside, follow the steps.
- Create a distribution group, say “No Outbound Emails” and add all users whom you want to block into it.
- Navigate to Organization Configuration -> Hub Transport -> Transport Rules.
- Click the “New Transport Rule” from the actions pane.
- The wizard starts, give a sensible name.
- Select “from a member of distribution list”, click on distribution list and select the group that we have created before.
- Select “send to users inside or outside the organization”, click on Inside & change it to Outside.
- Click Next
- Select “send bounce message to sender with enhanced status code”.
- You can change the default message “Delivery Not Authorized, Message Refused” to something more meaningful.
- Click Next.
- Click Next again.
- A summary will be displayed, click New & Finish.
The rule will be active straightaway. If you want to block more users in the future, just add them to the group that we had created in step 1.
What if you want to block receiving external emails?
With the above method, users in that group will note be able to receive emails, as all groups in Exchange 2007 are protected by default. All groups have “Require that all senders are authenticated” option enabled by default. It’s in group properties -> mail flow settings -> message delivery restrictions -> properties.
You have to enable this option on the user properties if you want to block one user (may be few) from receiving emails from outside.
Hi,
read your article,
We want to do this for 3-4 seleceted users :
1. Disable outbound email from these users (internal and external)
2. Still have ability to check email
3. Forward the three users email to different mailboxes
What settings wil be needed for this ?
If 1. is enabled, will forwarding do different mailboxes still work ?
Paras
Hi Paras,
1. Configure a transport rule to silently drop all emails from these three users.
2. Yes
3. Enable forwarding on the mailboxes to a different one. Not sure whether the transport rule will kick in.
Do check.
Thanks.
Hi Paras Tolani — Have been able to configure your requiremenmt. I also have samething to be done.. please suggest if you got the answer..
As exchange caches most of the settings, the only way to get an immediate response for the change made is to restart the appropriate exchange services.
One very good thing to note – the transport service only rechecks DL membership once every 4 hours. This is NOT configurable. Only "quick" way to speed it along is restarting the transport service. FYI.
http://www.chrislehr.com
That is also an option Paul. It's all down to an admin's imagination as to how they want transport rules to be run.
Hi Rajith,
Interested solution for blocking outbound emails. I've always taken the opposite approach with the transport rule by denying outbound email to *everyone* except members of an "Allow Internet Email" group.
Example:
http://bit.ly/143CJ4