Monday, October 27, 2014

Block sending/receiving external emails in Exchange 2010

From small to large, every organization wants certain control on emails transmission over the network; sometimes cause of policies and sometime due to security purpose. Thanks to Microsoft Exchange for facilitates such features, and provide certain rights to Exchange admin to control users & their email transmission to stop or block any user from sending and receiving email externally in Exchange Server 2010. 
However, disabling mailbox is also a way to permanent prevent mailbox from sending and receiving internal as well as external emails, but if a user or group of users are currently working in the organization, so you shouldn’t disable any mailbox for email blocking. BTW, you can check here how to delete/disable mailbox in Exchange.

So here we’re discussing how to block a user from receiving and sending outside emails in Exchange Server 2010. It can be done with shell command and transport rules or a combination of transport rules. 

There are two options in Exchange 2010 to block sending and receiving emails externally; either delete the emails which user attempts to send without informing or send NDR back with a modified message to the user. 

So, below are the following steps to configure the setting in Exchange 2010 to block external email transmission –

Open Exchange Management Console (EMC).

Open transport rules by navigate through 'Organization Configuration' –> 'Hub Transport' –> 'Transport Rules'

Create a new rule and give it any desired name. Now select the target user mailbox account after selecting 'from people' in the condition page. 

However, above rule will only block a single user account for sending or getting external emails, but if you want to apply the same rule on more users; you need to add more numbers of group to block and unblock numbers of users accordingly.
Now navigate to action page after selecting the targeted user’s mailbox, choose here any or one of the options according to your choice. Click 'New' and 'Finish'

Now block the user from getting emails, but by-default distribution group in Exchange Server 2010 does not receive external emails because of group's property 'Require that all senders are authenticated'. So the same can be applied to the mailbox from stop the receiving emails.

But this option does not visible in Exchange Management Console (EMC) so Shell command can be used to overcome this limitation. 
But again, any user can send mail to mailbox by-default because of 'RequireSenderAuthenticationEnabled' is set to False. So, run the following command to make it True to block delivering of the external emails for a user. 

Set-Mailbox –identity "JohnPlayer" –RequireSenderAuthenticationEnabled $true

Note: "JohnPlayer" is used as a mailbox example in above command.

However, you can use transport rule to block all the external emails from the internet to the user. So, first you would require creating group and adding user to it. But, if you want to block numbers or user or user list changes frequently; create a new transport rule with below condition. 

That’s it. So, follow the above solution for hold certain control on Exchange users as well as their emails externally transmissions.
Hope, it works.

No comments:

Post a Comment