Two approaches to handling departed users in Exchange

Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Exchange or Outlook tip, timesaver or workaround to share? Submit it to our tip contest and you could win a prize.

Whenever an employee leaves an organization where Exchange and Active Directory are in use, the Exchange administrator typically disables that person's mailbox or sets up some kind of forwarding system.

It's generally not a good idea to delete the user account entirely, as you may need that user's personal data for future use -- for instance, in the event it is subpoenaed or exhumed as part of an SEC investigation or Sarbanes-Oxley compliance action.

That said, if a user is no longer with the organization, what's the best way to handle incoming e-mails meant for that person? There are two commonly-used solutions that don't involve actually deleting the user object, but cause e-mails sent to the person to bounce as needed.

Option 1

The first technique is to simply set the user's e-mail address in his Active Directory object to something that does not correspond to a valid username or domain name in Active Directory.

For instance, if you're managing the domain aragami.com, and a user ichi@aragami.com leaves the organization, you can set his e-mail to something like ichi@xxyyzz.com -- provided, of course, you're not authorized to accept e-mail for the domain xxyyzz.com!

Option 2

A second method, which is slightly more flexible, is to create a custom distribution list specifically for departed users. This not only allows e-mails sent to deleted users to be moved out of the way into the BadMail folder, but also prevents a non-delivery report (NDR) from being generated -- and the fewer NDRs to deal with the, the better.

To do this in Exchange 2000/2003, create a mail-enabled distribution group (or a distribution list in Exchange

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Microsoft Exchange Server Non-Delivery Reports (NDRs) Troubleshooting Microsoft Exchange Server Event ID error 6009 A network connection problem or an offline server prevented delivery of the message Third-party tools that modify NDRs for oversized email SMTP 550 relay error when sending large attachments Not receiving email messages that have file attachments How to strip email attachments from Exchange NDR failure notifications Exchange Server error message: 'A non-delivery report with a status code of 5.4.0 was generated for recipient' How to select the mailbox account that sends Exchange NDRs 'You do not have permission to send to this recipient' errors AQADMCLI: Command-line SMTP queue management for Exchange Server Microsoft Exchange Server User Settings Control Outlook 2007 in cached mode settings with group policies Group policy settings for Outlook 2007 in cached mode Restrict access to Outlook Web Access via Exchange System Manager How to custom-configure a Microsoft Outlook 2007 install using OCT Expand Microsoft Outlook email rules with the Auto-Mate add-on tool Exchange 2007 out-of-office (OOF) feature adds usability and security Managing Microsoft Outlook search folder functionality Back up and restore Microsoft Outlook settings Managing Microsoft Outlook's AutoComplete option Can an admin create out-of-office messages from ESM or AD? Microsoft Exchange Server Mailbox Management Troubleshoot 'System Attendant' error messages in OWA Relocating Outlook email messages on a hosted Exchange 2007 server Performing advanced search queries in Microsoft Outlook 2007 Exchange Server 2010 public beta rolls out new features Microsoft Exchange Server email archiving tutorial Using the Export-Mailbox command in Exchange Server 2007 How Windows Desktop Search works in Microsoft Outlook 2007 ExMerge gotchas to watch for when migrating Exchange 2003 mailboxes Migrating mailboxes across domains with the Exchange Management Console When to use Move Mailbox Wizard or ExMerge to move Exchange mailboxes

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bounce e-mail  (SearchExchange.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

5.5). This list or group must have no members.

Add to the new list or group the e-mail addresses of the ex-employees in question, with the e-mail address itself specified as a secondary SMTP address, as would be done for a mailbox (i.e., the addresses need to be added to the E-Mail Addresses tab of the newly-created group).

Any e-mails sent to these addresses will now be bounced to the BadMail folder and will not generate an NDR.

(Thanks to Neil Hobson and his excellent MS Exchange Blog for this tip.)

About the author: Serdar Yegulalp is the editor of the Windows Power Users Newsletter and a regular contributor to SearchExchange.com.

We use the second approach with a slightly different twist. We set up a public folder (Exchange 5.5) for each interest group -- e.g., Marketing, R&D, Management, etc. -- so that it is available as read only in, say, Former_R&D_Colleagues. Then we divert the leaver's mail to that.

This provides a high degree of continuity for each department while they adjust to the loss of the leaver, and perhaps better helps any newcomer 'settle in.'

It is then pretty straightforward to archive the leaver's mail, when it is up to three months old, onto two CDs -- one for the safe and one for the relevant department head to have and open as a .PST should the need arise. This unburdens the mail system while still allowing 'reasonable' access for another three months, after which the second disc is also collected. The only nuisance is that, since a CD-R is read-only, it has to be copied to HDD with read-only removed -- otherwise Exchange won't let you open it!
—SA S.

******************************************

Usually when a person leaves my company (frequent), I disable the account in Active Directory and forward to a routing group called "Left" that has a folder in journaling account. I do this for subpoena reasons and to keep bad mail to a minimum.
—Travis B.

Topics Library: Exchange non-delivery reports

---

Rate this Tip To rate tips, you must be a member of SearchExchange.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.