Most Exchange servers are used as Internet mail systems, but in a few circumstances an administrator may need to...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
configure an Exchange server to prevent some users from sending e-mail to external (non-Exchange) Internet addresses.
For instance, someone whose duties were limited to internal support only could be given this restriction. Another scenario might involve a site where certain personnel are operating under security constraints, and are not permitted to send offsite e-mail. (They would still be allowed to send e-mail to other peers on the same Exchange Server, however.)
To enable this restriction:
- Create a new Mail-Enabled Group in Exchange which will be used to identify all users who have this restriction.
- Add any users to have incoming mail restricted to this group.
- Create a new SMTP Connector on the Exchange Server and associate it with the appropriate Exchange Server.
- Under the Delivery Restrictions tab of the connector's Properties, add the created group to the "Reject messages from:" section.
Note that delivery restrictions on connectors may not initially work, since connector restriction is turned off by default for Exchange 2000. This is to keep system performance from being affected, but if there is only one or a couple of groups that are using restrictions, the affect on performance will not be noticeable. To enable delivery restrictions on connectors, navigate to HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Resvc/Parameters/ in the Registry, add a new DWORD value named CheckConnectorRestrictions and set it to 1. (You will need to restart the Exchange Routing Engine and SMTP services for this to take effect.)
Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter. Check out his Windows 2000 blog for his latest advice and musings on the world of Windows network administrators – please share your thoughts as well!