• Bad practice to allow external users to send to Exchange distrib lists?


    • This topic has 8 replies, 3 voices, and was last updated 14 years ago.
    #476602

    Is it bad practice to allow all external email users (@gmail, @yahoo, etc.) to send to internal Exchange distribution lists? I recently read that this feature was enabled by default on Exchange 2003, but disabled by default on Exchange 2007 and later.

    I have a high-up partner to my organization requesting this feature. I have the option of enabling this, or telling them to create their own email groups in their own Lotus email software. Since this higher up does not know all the people in my organization (40+ people), it would be very difficult for them to keep their personal email group list up to date, which is why I don’t like that option for them.

    The feature is controlled by the “Require that all senders are authenticated” check box.

    In Exchange 2010:
    Exchange Management Console -> Microsoft Exchange On-Premises -> Recipient Configuration -> Distribution Group -> [Select a distribution group] -> Right click, properties -> Message Delivery Restrictions -> Uncheck “Require that all senders are authenticated”.

    This would be my ideal solution –
    Is it possible to enable email users from just that one partner’s external domain (@theircompany.com) to be able to email to my Exchange distribution lists? If so, please provide detailed Exchange 2010 steps.

    Thank you!
    Peter

    • #1279311

      We allow external users to email some distribution lists but not all. The ones that we allow are generic enough (i.e. sales, support, etc.) that trying to figure out how to limit them is more trouble than it is worth.

      I don’t believe you can use Message Delivery Restrictions to allow an external domain.

      You could try creating a Hub Transport Rule where you have more flexibility.

      Joe

      --Joe

      • #1279316

        > You could try creating a Hub Transport Rule where you have more flexibility.
        > Joe

        Can you point me to any online tutorials on hub transport rules? I have not worked with them.

        Thank you,
        Peter

    • #1279327

      They are very similar to Outlook rules in the way they are constructed. There is a wizard that walks you through the process.

      For more information on creating transport rules, open the EMC, click Microsoft Exchange On-Premises -> Organization Configuration -> Hub Transport. Then click on the “Transport Rules” tab and then Help.

      Joe

      --Joe

      • #1279340

        > They are very similar to Outlook rules in the way they are constructed. There is a wizard that walks you through the process.
        >
        > For more information on creating transport rules, open the EMC, click Microsoft Exchange On-Premises -> Organization Configuration -> Hub Transport. Then click on the “Transport Rules” tab and then Help.
        >
        > Joe

        I found this on TechNet:

        > An accepted domain is any SMTP namespace where this Exchange organization sends and receives e-mail on behalf of recipients. Authoritative domains are accepted domains where the recipients’ mailboxes are in this Exchange organization. Relay domains are accepted domains where the recipients’ mailboxes aren’t in this Exchange organization and the mail has to be relayed to an external e-mail server or Exchange organization for delivery to the recipient.

        and this on TechNet:

          - Authoritative Domain: To specify that e-mail messages are delivered to a recipient that has a domain account in your Exchange organization, select this option.
          - Internal Relay Domain: To specify that e-mail messages are either delivered to recipients in your organization or relayed to a server outside your Exchange organization but still under the authority of your company or IT department, select this option.
          - External Relay Domain: To relay e-mail messages to an e-mail server outside the Exchange organization, select this option.

        But I don’t see anything about accepting messages from other domains, mostly about sending messages to other domains.

        Any help is appreciated.
        -Peter

    • #1279395

      I prefer mail enabled public folders for external mail. Simple to manage via permissions and prevents spam clogging everyone’s email.

      cheers, Paul

      • #1279639

        > I prefer mail enabled public folders for external mail. Simple to manage via permissions and prevents spam clogging everyone’s email.
        >
        > cheers, Paul

        Teaching some users how to use public folders, or simply getting them to check their email every day can be a tall order at some organizations. I have worked at some where users still haven’t adopted reading their work email daily and prefer to use email as little as possible. In my case, I don’t think adopting public folders is the option for me.

        > We allow external users to email some distribution lists but not all. The ones that we allow are generic enough (i.e. sales, support, etc.) that trying to figure out how to limit them is more trouble than it is worth.

        How do you allow some distribution lists to be open to external users, but not all?

        > You could try creating a Hub Transport Rule where you have more flexibility.

        Since I don’t know how to do this, and I didn’t get any feedback on this option, I won’t be able to do this.

        So I have two choices. Just send the outside user a flat file with all the emails comma separated, or open up my Exchange distribution to outside users, and risk spam (per my original post). My main question is whether or not that is a bad practice.

        Thanks,
        Peter

    • #1279645

      I still think a Transport Rule is your best bet. Go to Microsoft Exchange On-Premises -> Organization Configuration -> Hub Transport -> Transport Rules. In the Action Pane click on “New Transport Rule” or in the result pane (in the center) click on a blank spot and select “New Transport Rule”. The wizard will start. You can deselect “Enable Rule” on the first screen, build the rule, check it visually, finish the wizard. Then go back and enable the rule. If you’ve ever created an Outlook rule you can figure out a Transport Rule.

      Joe

      --Joe
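
Added example, not part of the original thread or of any poster's reply: an Exchange Management Shell version of the wizard steps above, applied to the original question (open one list to outside mail, but only from the partner's domain). The group alias `AllStaff` and the rule name are hypothetical placeholders; `theircompany.com` is the stand-in domain used in the question.

```powershell
# Added example for the Exchange 2010 Management Shell (not from the thread).
# Assumed placeholders: group alias 'AllStaff' and the rule name below.
$group         = 'AllStaff'            # hypothetical distribution group
$partnerDomain = 'theircompany.com'    # stand-in domain from the question
$ruleName      = "Limit external senders to $group"

# 1. Audit: list groups that already accept mail from unauthenticated
#    (external) senders, so nothing is open that you did not intend.
Get-DistributionGroup -ResultSize Unlimited |
    Where-Object { -not $_.RequireSenderAuthenticationEnabled } |
    Format-Table Name, PrimarySmtpAddress -AutoSize

# 2. Open only the one group. This is the shell equivalent of unchecking
#    "Require that all senders are authenticated" on that group.
Set-DistributionGroup -Identity $group -RequireSenderAuthenticationEnabled $false

# 3. Build the transport rule DISABLED: reject mail addressed to the group
#    from outside the organization unless the sender address ends in the
#    partner domain. Test the pattern against real partner mail first.
#    Note: the sender address is whatever the sending server claims, so this
#    filters on the stated domain; it does not prove the mail's origin.
$rule = @{
    Name                               = $ruleName
    Enabled                            = $false
    FromScope                          = 'NotInOrganization'
    AnyOfToCcHeader                    = $group
    ExceptIfFromAddressMatchesPatterns = "@$partnerDomain$"
    RejectMessageReasonText            = 'This list accepts mail from approved senders only.'
}
New-TransportRule @rule

# 4. Check the rule visually, then enable it.
Get-TransportRule -Identity $ruleName |
    Format-List Name, State, Conditions, Exceptions, Actions
Enable-TransportRule -Identity $ruleName
```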

    • #1279648

      Ok, I’ll give it a try – I use Outlook rules all the time.
