Two approaches to handling departed users in Exchange

Please let others know how useful this tip is via the rating scale at the end of it. Do you have a useful Exchange or Outlook tip, timesaver or workaround to share? Submit it to our tip contest and you could win a prize.

Whenever an employee leaves an organization where Exchange and Active Directory are in use, the Exchange administrator typically disables that person's mailbox or sets up some kind of forwarding system.

It's generally not a good idea to delete the user account entirely, as you may need that user's personal data for future use -- for instance, in the event it is subpoenaed or exhumed as part of an SEC investigation or Sarbanes-Oxley compliance action.

That said, if a user is no longer with the organization, what's the best way to handle incoming e-mails meant for that person? There are two commonly-used solutions that don't involve actually deleting the user object, but cause e-mails sent to the person to bounce as needed.

Option 1

The first technique is to simply set the user's e-mail address in his Active Directory object to something that does not correspond to a valid username or domain name in Active Directory.

For instance, if you're managing the domain aragami.com, and a user ichi@aragami.com leaves the organization, you can set his e-mail to something like ichi@xxyyzz.com -- provided, of course, you're not authorized to accept e-mail for the domain xxyyzz.com!

Option 2

A second method, which is slightly more flexible, is to create a custom distribution list specifically for departed users. This not only allows e-mails sent to deleted users to be moved out of the way into the BadMail folder, but also prevents a non-delivery report (NDR) from being generated -- and the fewer NDRs to deal with the, the better.

To do this in Exchange 2000/2003, create a mail-enabled distribution group (or a distribution list in Exchange 5.5). This list or group must have no members.

Add to the new list or group the e-mail addresses of the ex-employees in question, with the e-mail address itself specified as a secondary SMTP address, as would be done for a mailbox (i.e., the addresses need to be added to the E-Mail Addresses tab of the newly-created group).

Any e-mails sent to these addresses will now be bounced to the BadMail folder and will not generate an NDR.

(Thanks to Neil Hobson and his excellent MS Exchange Blog for this tip.)

About the author: Serdar Yegulalp is the editor of the Windows Power Users Newsletter and a regular contributor to SearchExchange.com.

We use the second approach with a slightly different twist. We set up a public folder (Exchange 5.5) for each interest group -- e.g., Marketing, R&D, Management, etc. -- so that it is available as read only in, say, Former_R&D_Colleagues. Then we divert the leaver's mail to that.

This provides a high degree of continuity for each department while they adjust to the loss of the leaver, and perhaps better helps any newcomer 'settle in.'

It is then pretty straightforward to archive the leaver's mail, when it is up to three months old, onto two CDs -- one for the safe and one for the relevant department head to have and open as a .PST should the need arise. This unburdens the mail system while still allowing 'reasonable' access for another three months, after which the second disc is also collected. The only nuisance is that, since a CD-R is read-only, it has to be copied to HDD with read-only removed -- otherwise Exchange won't let you open it!
—SA S.

******************************************

Usually when a person leaves my company (frequent), I disable the account in Active Directory and forward to a routing group called "Left" that has a folder in journaling account. I do this for subpoena reasons and to keep bad mail to a minimum.
—Travis B.

Topics Library: Exchange non-delivery reports

---

Rate this Tip To rate tips, you must be a member of SearchExchange.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Microsoft Exchange Server User Settings Email issues after configuring hosted Exchange server on laptop Control Outlook 2007 in cached mode settings with group policies Group policy settings for Outlook 2007 in cached mode Restrict access to Outlook Web Access via Exchange System Manager How to custom-configure a Microsoft Outlook 2007 install using OCT Expand Microsoft Outlook email rules with the Auto-Mate add-on tool Exchange 2007 out-of-office (OOF) feature adds usability and security Managing Microsoft Outlook search folder functionality Back up and restore Microsoft Outlook settings Managing Microsoft Outlook's AutoComplete option Microsoft Exchange Server Mailbox Management Industry expert analyzes future of messaging Delivering email between Exchange server test and production domains Microsoft Outlook error message: 'Mailbox Size Limit exceeded' Restoring user accounts and mailbox links in Active Directory Problems receiving email from outside a Exchange Server 2003 domain Best practices for moving mailboxes in Exchange Server Exchange admins: Is it time to rethink your email address policy? Exchange Server 2003 collects email from only specific POP3 domains Troubleshoot 'System Attendant' error messages in OWA Relocating Outlook email messages on a hosted Exchange 2007 server Email Compliance Is full email encryption the solution to Exchange security? Exchange Insider e-zine Create a journal rule in Exchange 2007 to secure journaling mailboxes Set up messaging records management (MRM) in Exchange Server 2007 Exchange event sink scripting error when configuring email disclaimer Email archiving and e-discovery best practices for Microsoft Exchange How to set up email disclaimers on a single, back-end Exchange server How to set up Exchange 2007 message classifications Exchange Server email compliance guide Exchange Server 2007 journaling tutorial Email Compliance Research RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bounce email  (SearchExchange.com) messaging server  (SearchExchange.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.