Some organizations have strict security policies when it comes to email. Most of you have seen a request from HR or Legal asking you to block a particular user (maybe a temp) from sending and receiving emails from outside the organization.
This can be accomplished with transport rules or a combination of transport rule and shell command.
We can configure a transport rule to block the user from sending emails externally. There are two options, either we can delete the emails which the user tries to send without notifying anyone or we can send an NDR back to the user with a customized message.
Launch EMC, navigate to Organization Configuration –> Hub Transport –> Transport Rules. Create a new rule and give a meaningful name. Select “from people” in conditions page and select the mailbox account. We can also create a group and add the group if more number of users have to be blocked and unblocked on a regular basis.
From the actions page, select one of the options depending on your choice.
Configure any exceptions if needed, click on “New” and “Finish” to create the rule.
Now, let’s block the user from receiving emails from the internet. Everyone knows that the distribution groups in Exchange 2010 doesn’t accept emails from outside the organization by default. This is because of the check box “Require that all senders are authenticated” in the group’s property.
The same can be applied to a mailbox as well. This option is not exposed in the EMC and hence the shell has to be used. By default, anyone can send an email to a mailbox, as the “RequireSenderAuthenticationEnabled” is set to false.
Run the following command to block external emails for a user, say ChakkaRajith in my case.
Set-Mailbox –identity “ChakkaRajith” –RequireSenderAuthenticationEnabled $true
We can also block emails from internet to a user using transport rule. It is advisable to create a group, say “NoExternalEmails” and add members to it, if the user list changes frequently. Create a transport rule as explained above with the below conditions.
The steps are same for Exchange 2007 and is explained in my article posted in 2009.
Anonymous December 10, 2010 at 3:22 am
This is will not work it will block user from sending both internal and external users
saqi February 14, 2012 at 1:00 pm
Yeah, it will, as it is said in first paragrapsh dear.
regards
Rajith Enchiparambil February 15, 2012 at 2:02 pm
Thanks Saqi.
Pranay Jha March 21, 2012 at 1:47 pm
To block user send and receive externally, follow below steps:
Open Exchange Management Console from Exchange Server 2K7.
Go to Organization Configuration.
Select Hub Transport.
In right panel, click on New Transport Rule.
Give any name as per your convinience>>Next
Select “From People” and select name below as per your requirement>>Next
Select “Send bounce message to sender with enhance error code” option>>Next
Finish.
Rajith Enchiparambil March 21, 2012 at 1:56 pm
Thanks Pranay for the steps.
William October 1, 2012 at 4:39 pm
Hi,
I need to create a transport rule for all users who no longer work at the company. I tried to do the following:
Transport Rule > Apply rule to messages from users that are ‘Outsite the Organization’ and sent to member of ‘Distribution Group’ send ‘rejection message’ to sender with ‘enhanced code’
But I could not include the message you want, explaining that this person is no longer official business. Does anyone know what is the best way to accomplish this task?
Thank you,
Rajith Enchiparambil October 1, 2012 at 7:21 pm
HI William,
Why don’t you login to the mailbox and set an automatic reply (OOF) rather than a transport rule.
NASER January 24, 2013 at 11:08 am
hi
why rule of sending to outside-org don’t work after creating it
thank u
Rajith Enchiparambil February 1, 2013 at 8:09 am
What are you trying to achieve? Bit more info pls Naser.
NASER January 24, 2013 at 11:06 am
hi
why rule of sending to outside-org don’t work after creating it
thank u
muhammed.ubais May 21, 2013 at 7:05 am
i am member of domain admini and exchange admini. but i could not able crate a tranportrole.
Rajith Jose Enchiparambil May 21, 2013 at 7:39 pm
Which Exchange Management role are you a member of Ubais?