EXPERT RESPONSE
You can do this either through extreme permission restrictions or obscurity. I would recommend obscurity first and permission restrictions second. There is a Hide from Exchange Address List attribute, on the Exchange Advanced tab that you can enable on every recipient object in Active Directory. Enable this setting on all objects except for the few Distribution Groups that you want people to send to. This obscures the fact that everyone has an e-mail address, but allows everyone to look up the distribution groups in the global address list. On the downside, users can still send/receive e-mail from anyone if they know the SMTP address.
If your requirement is to enforce any unauthorized means of sending of mail, you can accomplish this by restricting permissions so that no one has permissions to send to anyone accept a few select mailboxes. These select mailboxes will have permissions to send to every user, and can be configured to forward messages to a corresponding distribution group. This is an advanced configuration with a variety of ways the permissions could be applied. Because changing the default permissions could have a negative affect, I would recommend that you test and tweak the permissions in a lab before attempting in production.
There is a straight forward way to restrict who can send inbound mail from the Internet to a specific user or distribution group. The Microsoft Knowledge Base article How to restrict the users who can send inbound Internet e-mail to another user or to a distribution group in Exchange 2003 documents how to set this up.
Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:
15 tips in 15 minutes: Managing recipients and distribution lists
Tip: Securing Outlook 2003 messages with IRM
Reference Center: Exchange Server permissions
|
