Exchange Server 2010 allows you to restrict who can send to distribution groups. You can do this in different ways, but it is important to understand the pros and cons of each type of distribution group protection so that you choose the correct one for your situation.

Each of these methods can be implemented from any workstation or server you’ve installed the Exchange 2010 management tools on.

Preventing External Email to Exchange 2010 Distribution Lists

If you want to prevent any external sender from being able to send email to a distribution group you can simple enable the authentication requirement for that group.  This is found in the Properties of the distribution group in the Mail Flow Settings tab under Message Delivery Restrictions.

How to Restrict a Distribution List in Exchange Server 2010
Requiring authentication for senders to Exchange 2010 distribution groups

This option is enabled by default for distribution groups created in Exchange Server 2010, but may have to be manually enabled for groups that existed before your Exchange 2010 migration occurred.

This will prevent external, unauthenticated senders from being able to send to the distribution group but may also prevent senders such as network devices or applications from sending to the list if the device or application can’t perform SMTP authentication.

Restricting an Exchange 2010 Distribution List to Specific Senders

Requiring authentication for an Exchange 2010 distribution group won’t prevent any authenticated senders from sending to it, for example all of the mailbox users in your organization will still be able to send.  In some organizations it is desirable to restrict certain distribution groups to only certain senders.

This can be performed by configuring the Accept Messages From setting in the Message Delivery Restrictions, and specifying mail-enabled groups who are allowed to send to the list.

How to Restrict a Distribution List in Exchange Server 2010Outlook 2010 and OWA users will see a warning if they compose an email to a group they are restricted from sending to.

How to Restrict a Distribution List in Exchange Server 2010If the sender persists and sends the email anyway they will receive a non-delivery report.

#550 5.7.1 RESOLVER.RST.NotAuthorized; not authorized ##

Restricting distribution groups in this way gets the job done but it is an all or nothing approach.  There is no scope to allow some messages from people through to the distribution list.

Moderating Exchange Server 2010 Distribution Lists

When you have a distribution group that you want everyone to be able to send to, but you want to be able to approve or reject messages on a case by case basis, you can use moderation.  Moderation allows you to specify one or more mailbox users who can approve/reject emails sent to a distribution group.   This is found in the Properties of the distribution group in the Mail Flow Settings tab under Message Moderation.

How to Restrict a Distribution List in Exchange Server 2010Outlook 2010 or OWA users will see a warning when they are composing a mail to send to moderated groups.

How to Restrict a Distribution List in Exchange Server 2010The moderators will then receive an Approve/Reject email in their inbox.

How to Restrict a Distribution List in Exchange Server 2010Moderation can lead to delivery delays while messages are approved.  You can optionally configure a moderated group so that specific senders bypass the moderation requirement, so that frequent or trusted senders can send messages without any delays.

As you can see each of these methods of restricting who can send to distribution groups has its pros and cons.  There is no one size fits all approach, but you should be able to find a method that works best for your specific scenario.

About the Author

Paul Cunningham

Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for Practical365.com.

Comments

  1. Yehuda

    Great, I will look into it.
    Your articles tips and info here is being very helpful to me, makes my job easier.

    thank you for all that.
    Cheers.

  2. Yehuda

    Hello
    i have a very specific scenario i need your assistance with
    i have a small group of users for which i need to do the following:

    1) to prevent them finding any other user addresses, so when they search the GAL they can find only the users who belong to that group.
    2)restrict them from sending e-mail only between each other but to no one else inside or outside the org.
    is it possible?

    i have EX 2010

    thank you in advance

  3. winsun2003

    I have a user who is unable to send email with error X-Supplementary-Info: < #5.7.1 smtp;550 5.7.1 RESOLVER.RST.NotAuthorized;. I checked and found that the DL user is sending is a nested DL and have many Sub DLs added as a members. Could you please suggest a way to give permission to user at once in all sub-members of the DL or I have to give permission on them one by one.

  4. Nisar Ahmad

    Hi Paul,

    Getting error from one sender domain:

    You aren’t authorized to send to this recipient.
    550 5.7.1 Requested action not taken: message refused

    Please help in this regards,

    Nisar

  5. Fazli

    Hi Paul,

    I hv facing problem as below.

    1. Send a email ( outlook calendar ) to few group(min 5groups). Each group has min 3-4 email ID.
    2. Got error ” Delivery has failed to these recipients or groups: ”
    Ali (ali@abc.net)
    The server has tried to deliver this message, without success, and has stopped trying. Please try sending this message again. If the problem continues contact your help desk.

    As a new exchange administrator..what i should i do on my server.

    please help. Thanks.

  6. Mase Pro

    Hi Paul,

    How can I allow only specific external domain to email our distribution list(Mail Non-Universal Group).

    Hi have the “required that all senders are authenticated” enabled but will prefer to allow a domain not just a list of email users.

    Thank you

  7. Mac

    Hi Paul

    How I can recived a list of groups, which not required authentication?

    Thanks for answer!

  8. Bid

    Hi Paul,

    We run Exchange 2010 SP3 and two methods described above were used for a particular group. We however discovered that users are still able to send to the restricted group. Moderation set did not also work. This does not happen all the time though. I was just wondering if there has been any report of bugs on this settings and what we can probably do to prevent further embarrassment.

    Thank you

    1. Paul Cunningham

      I don’t know of any bugs relating to these features. Hard to say any more without being able to see the case first hand. It would be worthwhile making sure you’re installed to the latest Rollup Update.

  9. Sanjeev Kumar

    Let suppose X user is added in XY DL , and some one sent a email to XY DL as well as X in this case user will get two emails. I want user will get only one email. is that possible in exchange ???

  10. Ingo Hatalla

    Hi Paul,

    thanks for the quick reply.
    The external mails are hitting a smarthost (linux machine with postfix) and not the exchange server itself, so your guess about the misconfigured connector, considering the smarthost as authenticated is quite likely.

    I will have a look at the configuration and your link for the relay connector setup and might get back to you.

    Thanks
    Ingo

  11. Ingo Hatalla

    Hi there,

    I am having kind of the opposite problem. External mails still get through to distribution lists, allthough the “Require that all senders are authenticated” option is enabled.

    The SMTP connector does not require any authentication as we have some systems which need to be able to send mails without authentication, I guess this is the problem.

    Is it possible to have a SMTP connector without authentication but have exchange 2010 to only accept mail from domain users?

    Cheers
    Ingo

    1. Paul Cunningham

      The auth setting on the connector isn’t necessarily the problem, because anonymous senders are treated differently to authenticated senders. It really depends on the overall receive connector settings you’ve got in place, and whether the external email is hitting Exchange directly, or whether it’s hitting a smart host or load balancer first (a common misconfiguration is configuring a connector that considers the inbound smart host IP address “authenticated” and therefore any email appears to be from an authenticated sender).

      If you have internal systems that need relay access then you can configure a separate receive connector those those to use:
      https://www.practical365.com/how-to-configure-a-relay-connector-for-exchange-server-2010/

  12. david

    it is setup at the DL level.

    1. Paul Cunningham

      Then no, you can’t exempt certain senders from that. You’d need to move the size restriction to a transport rule where you can set an exemption.

  13. david

    I have a DL with about ~2000 users under it. I have message size restriction set fairly small to avoid abuse but I would like to make an exception for a few VIP types and their admins to send to this DL with a larger size email not necessarily as an attachment. Is this doable in transports rules? What would the rule start/look like. It’s a mixed exchange 2010-2013 environment.

    1. Paul Cunningham

      Where it the current size restriction set? Directly on the DL? Or at the org-level?

  14. Arrol Khoo

    Hi Paul,

    I’ve got a Mail enabled security group that i’ve migrated over from a 2003 exchange server to a 2010 server, i’m trying to add a security group to the approved senders list (there are already security groups in that list from when it was configured in 2003 exchange) however when searching for the list of possible users I can add, the security group doesn’t show up, I’ve made sure that the group is a universal security group but it still doesn’t come up in the search. Any ideas? Do you know if this is even possible? Any help would be greatly appreciated.

    Cheers

  15. Andy Bigsby

    @Biodun

    Sorry I did not see your post…

    In the Exclaimer software for the signature policies:
    1. Go to Conditions Tab
    2. With the “The Recipient is someone” option checked, select the Inside or Outside and the condition box will appear
    3. At the bottom of the condition box, there is an option for a check box for “Expand Distribution Lists before checking conditions”. YOU WANT THIS UNCHECKED!

    I believe you need to restart the Transport Services for these settings to take effect. I recall rebooting our CAS/HUBS.

  16. Nu

    I’d like to restrict sending to a distribution list to a few internal users (easy) and our parent company’s domain (anybody@anotherdomain.com) Any help would be welcome

    Thanks

  17. MeliOnTheJob

    Hello –

    This site has come in handy, but I can’t figure out how to gather a report of what Distribution lists, and type of access, 1 specific user has?
    Can you please help?

    Thx

  18. Girish

    Hi,

    I have a DL .While sending mail to the DL the sender who is member of the DL should not receive the email.Is this possible to achieve this scenario?

    Thanks
    Girish

  19. Girish

    Hi,

    I have a DL .While sending mail to the DL the sender who is member of the DL should not receive the email.Is this possible to achieve?

    Thanks
    Girish

  20. Azeez

    thanks a lot,
    i tried to add a user to dose that can send mail to all staff from message delivery restriction.
    then i select to receive mail only from the sender list and it works.
    am greatfull

  21. Gary

    Hi Paul,
    I have one user who is able to recieve emails sent to a All Staff Distribution Group but they are not able to send to it (They get the don’t have permission to send) message when composing an email.

    Any ideas?
    Thanks

  22. Andy Bigsby

    Hi Paul,

    Have you ever see a Restricted Distribution group still get an email from a non-authorized person? I just had this happen yesterday and cannot figure it out how it got through? I did message tracking on it and the logs show it failed, however the 223 recipients in the restricted distribution group still received the email.

    1. Andy

      My issue turned out to be a bug with our disclaimer software (Exclaimer).

      1. Biodun

        Hello Andy,

        How exactly did you narrow the issue down to Exxcliamer. Having the same issue and i need proof to confront Exclaimer support.

        Thanks

  23. Jeremy Steger

    Paul, We have email that goes through an antispam service and is then delivered to our network load balancer which is then delivered to our Exchange servers. We have the NLB set to TLS and externally secured in the hub transport.
    My thought is that since the NLB is delivering the mail and it’s considered an “authenticated” device that Exchange is processing the message as being from an “authenticated sender” and the mail is delivered to the DL.
    Have you experienced this anywhere? Your thoughts?
    I need to reject all senders if they are not internal. Moving forward we will only use the “domain.local” for the smtp only but I have hundreds of “domain.com” email addresses that are in use.
    thanks
    Jeremy

    1. Paul Cunningham

      Yes that is what is happening and it is a common mistake when people use the same load balancer VIP for inbound SMTP as well as SMTP relay for internal apps/systems.

      Do you have enough public IPs so that you could NAT both your Transport servers, and have the antispam service configured with two equal-cost inbound routes (one to each public IP)? That would bypass the load balancer while still providing HA for inbound email.

      1. Jeremy Steger

        Thanks for the quick reply Paul. I’ve asked our Network team if they can do anything about the F5 in this situation.

  24. Sahin Boluk

    Hi Paul,

    After you restrict a DL to only a few people and anyone that add’s the DL to an email can expand the list and send to those users. Is there a way to restrict the expansion of certain DL’s?

  25. Graeme C

    Hi Paul, I’ve set up moderation for a test group, and the mechanism works. The only thing I don’t see is the user warning in OWA and Outlook 2010 that the group is moderated. Have you seen this before? Is there anything I should check?

  26. Jon W

    I found one problem with the Transport Rule I set up. The “sent to a member of the group” and “delete the message except when the message is from” really came back to bite me. What ended up happening was that the members of the groups and external users could e-mail to the members of those groups. All other internal members had their e-mails deleted with no NDR. So, we ended up missing two days of mail without realizing it since we could e-mail each other. BEWARE!!!! Read those transport rules through. They are VERY literal.

  27. Jon W

    Is there a way to allow external users to send to a distribution group but restrict internal users who can send to the group? I had the Require that all senders are authenticated NOT checked. I also added a list of users who could send to the group. As it turned out, only those internal users I specified could send to it. External users were not able to get to it.

      1. Jon W

        I created transport rule on the HTP server that says:
        Apply rule to message
        sent to a member of ‘DistGroup@ourdomain.com’
        Delete the message without notifying anyone
        except when the message is from ‘me@ourdomain.com’ or ‘2nduser@ourdomain.com’
        or except when the message is from users that are ‘Outside the organization’.

        When I send a message to the group as me or 2nduser, it works. However, when I send from outside the organization from a Mindspring or Yahoo account, it never arrived. No NDR does not get sent back either.

        Any suggestions?

        1. Paul Cunningham

          You chose “Delete the message without notifying anyone” so naturally there will be no NDR.

          Remove or change that action to notify the sender while you test your rule. You can also use message tracking log searches to try and work out what happened to the test emails.

  28. Anil

    hi Paul,

    we have an urgent request here:
    1. Needs to block an external email address coming to our Hybrid exchange environment (On permises and 0365)
    2. However with an exception to allow the external email address to talk to only one person within our organisation.

    Please advise how to go about it

    Thanks
    Anil

  29. Brian Gawith

    It would appear that Exchange Admins bypass the moderator settings and their emails go through without delay. Is there anyway to keep those accounts on the same level as all other user accounts?

  30. Kiran

    Even though “Require that all senders are authenticated” check box is checked, still email which was sent by external email ID (Gmail) got delivered to the recipients of the DL.

  31. Kiran

    Hi Paul,

    We have Exchange 2010 organisatation, The organisatation was migrated from exchange 2007 to Exchange 2010, We have one DL in our organisation that DL is used by HRs, One of the external user is able to send email to that DL, Please let me know how is it possibe and how to ristrict it?

  32. Philippe Aepli

    Hello,

    I used your method to enable moderation on our distribution groups.
    When emails are sent from external addresses, they are moderate.
    But the emails sent from internal addresses, moderation does not work and the emails are delivered directly.

    Showing the moderation parameters we have for distributions groups:
    BypassNestedModerationEnabled: False
    BypassModerationFromSendersOrMembers: {}
    ModerationEnabled: True
    SendModerationNotifications: Always

    Thank you for your help.

    Regards.

  33. Aussupport

    HI Paul,

    Is there way to allow from trusted domains?

    i have set the “only allow messages from authenticated users”

    now network devices or applications cannot sending to the list. Also some of our other domains?

    AS

    1. Paul Cunningham

      If the DL needs to be used by external senders then the authenticated users option shouldn’t be used to restrict it.

  34. Abhishek

    Hi All,

    I am a little confused over one thing here and I don’t have a test environment to test this.

    A user has permission to send emails to a particular Distribution List (DL)- A , that distribution list has quite a few distribution lists as its members ( DLs B C and D are member of A) for which the user doesn’t have permission to send to.

    So, will he be able to send emails to “A” DL without getting a bounce back message ?

    Please let me know

    Thanks,
    Abhishek

  35. Bhushan

    1. how can sender get notification if message is approved by moderators.

    2. what if message is ignored by moderators i.e. its not approved and not rejected.

    1. Paul Cunningham

      1. They can set a delivery receipt on the message before they send it.

      2. It will sit in moderation forever I think. I’ve never really looked into that.

  36. Roy P

    No believe it or not paul it is actually an All Staff DL which goes out to the entire company, but the directors are very laid back about everyone having access to this and the constant reply to alls going to everyone. However as I.T we get moaned at about all these replys going back and forth from people who simply do not wish to see them and I can appreciate their point. It is quite embarressing as well some of the comments they put in knowing the MD’s see these and dont seem to mind.
    I did put in the Outlook 2010 mailtips with the ignore option to ignore the threads from filling your mailbox with the constant back and forth, but wondered if there is a discreet way of preventing them from simply replying to all on this All Users DL.
    You could say if the MDs are not bothered then why bother, but from a professional I.T persepctive it is embarressing as some of these threads turn to jokes etc that all members of staff see and go on and on. Basically just trying to discreetly keep the peace.
    I saw your thread here and have followed your tips over the last 10 yrs or so on various ex projects and thought if one of the Exc MVPs doesnt know then it cant be done from a technical stance so we will just live with it.
    If it cant be done thats fair enough.

    1. Paul Cunningham

      Ok, so you’re looking for a technology solution to solve a human behavior problem 🙂

      You’ve got a few options, none of which will be perfect.

      The first would be to restrict who can send to the DL. It seems like that won’t fly though, based on your comment above.

      The second would be to use moderation so that messages to the DL need to be manually approved. This will stifle responses quite a bit and may stop people abusing the list, but means anything urgent may get delayed, depending on how you configure it (moderation allows you to also specify users who are not subject to moderation).

      Another option may be to use a Transport Rule to detect any message with a subject starting with “Re:” that is going to that DL, and send it to a moderation queue. I imagine users will quickly work out how to get around this though 🙂

      Tough situation you’re in, especially if the bosses don’t care.

  37. Roy P

    Is there a way within ex 2010 to allow people to create a new email and send to a DL
    BUT
    Prevent people who recieve that email from doing the annoying reply to all.

    I cant really disable their reply to all option as thats not workable.
    Teaching them to NOT use reply to all and only reply to the person who sent the original email doesnt work with some of them either.

    So we end up with a swathe of emails going back and forth to everyone in the distribution list .

    1. Paul Cunningham

      Sounds to me like you’re using a DL for something that a shared mailbox may be more appropriate for.

  38. Elliot Brand

    Paul:

    We are running exchange 2007 and have rules set up for who can send to a couple of DG. The problem is that any user can expand the list and send an email to all of the individuals in that DG. Is there any way to shut this option off?

    Thank you,

    Elliot B

  39. san

    How can we automate the moderation of mails ?

  40. Tom Bedell

    Hi Paul. Thanks for your help. I appreciate it.

    Are there any tricks or gotchas with regards to setting delivery restrictions on an Exchange 2010 object in a user account/resource account organization? I know I need to link the permission to the user account and not on the disabled account in the resource forest, but I’m wondering what the cmdlt would use for the -User parameter. Thanks for any insight you can provide.

    Regards,

    Tom Bedell

  41. ONP

    I wanted to enquire whether we can restrict the users from creating their own local distribution list in MS Outlook 2007?

  42. Kristina

    Hi Paul,

    Is there a way to restrict access for a group of people from sending to groups in such a way that they do not have to be explicitly denied access (or left out of the people granted access) to each group when it is created ?

    What I want to do is set up a group which will have people who should not be able to email any distribution groups, wondering if the security on the Exchange Distribution groups could perhaps be used to do this ?

    Your thoughts would be very welcome 🙂

  43. zohaib

    well i want to distribute the list in such a way that a single person can mail both mail and female user but mail nd female cant send mail to each other but they can said mail to same gender . if u knw how to do it plz help me

    1. zohaib

      male*

    2. Paul Cunningham

      You’d need to store the person’s gender in one of the custom attribute fields for the mailbox and then you might be able to use Transport Rules to block mail between genders, but I can’t guarantee that will work reliably (or at all).

  44. Oscar Pedroza

    Paul,
    I hope you are well, do you know a way to moderate the number of recipients per mail, i have been looking for these for a long time and I don´t get any way to do this, I hope that you can give me and idea.

    Best regards,
    Oscar

  45. Ally Laurente

    Hi Paul,

    We have lots of restricted DG but users is just clicking the + sign and it will expand and they can send to the members. Is there a way to restrict the expansion of the restricted DG?

    Thanks,
    Ally

    1. Paul Cunningham

      Not that I’m aware of.

      Perhaps you can mask them using contacts that point to hidden DLs? Might get a bit complicated to administer though.

      If they are large DLs you could look at limiting the max recipients that people can send to.

      1. RickF

        Here’s what worked for me:
        (Restricting who can send to a DL, and preventing expansion of the DL by users)
        .
        1) In Message Delivery Restrictions, set the DL to Accept Messages from “only senders in the following list”. Add the list of users who are allowed to send to this DL.
        2) In Message Moderation, set (enable) “messages sent to this group have to be approved by a moderator.
        3) In Message Moderation, add the same list of users from Step 1 to the list “Specify senders who don’t require message approval”. (NOTE: You do not need to list a moderator(s) if you do not want to (I left mine empty)).
        .
        These settings result in the DL usage being restricted to a list of users. Now when anyone attempts to expand the DL (in Outlook or OWA), they will get a pop up message advising that “moderated groups cannot be expanded”.

  46. Rolf

    Hello Paul

    My problem is that though my distribution groups are configured to requier authentication for senders to the Exchange 2010 system, still that protection does not work. I thought that maybe some trust between the mail gateway from Internet and the Exchange HUB-server was the problem. But even if you just connect with telnet to port 25 on the HUB server you can address the mail to a distribution group!

    Is there maybe something in the receive connector that can make all incoming mail as if it was sent by an authenticated sender?

    Thank You for Your help!
    Please accept to have a very Happy 2012!

    /Rolf

  47. Dave

    Hi Paul,

    I am not able to choose a group to allow access to send to distribution groups. I can see all of the users in the AD but no groups… I oviously do not wish to add individual users as this would prove to be a nightmare!

    Do you have any ideas?

    Thanks

    1. Paul Cunningham

      Hi Dave, make sure your groups are Universal in scope, and that they are also security groups (they can be mail-enabled security groups if you want as well).

  48. Ignacio R

    Hi Paul,

    I have for several months had a distribution list that had external contacts blocked from sending emails to that list. The list is actually a Contact Us distribution list and we have potentially lost many emails of people trying to contact us. I wonder if there is a place where this emails are stored or can be seen?

    Thanks for the help,

    Ignacio

    1. Paul Cunningham

      You might be able to work out from the message tracking logs which email messages were blocked, but they won’t be stored anywhere that you an retrieve them from.

  49. Peter

    I have setup the distribution group as stated above and it was all working. Now all of a sudden if a user tries to send to the DG it says they do not have permission and just below it it states that it is going to send it to the members (Sending to 402 for example). If I create a brand new DG the permissions are enforced and the user cannot send at all. It would appear something has happened to the DG that I created a few months ago.

    1. Paul Cunningham

      Hi Peter, haven’t encountered that issue before, so its a bit hard to suggest what else to try other than recreating the DG?

      1. Peter

        I did that this weekend. It would appear all of the news are staying the same except 4 of them which then reverted back to being the same thing I stated above. The rest appear to be holding up and rejecting emails as expected.

        I think I have gremlins in my exchange enviroment and I may need to call Ghostbusters or I mean Microsoft. 😉

  50. Nathan

    Hello,
    I host email for nearly all the school districts in a geographic region. Some schools run their own mail servers. We have mail contacts setup for those districts so they can receive mail from distribution lists.

    Is there any way to authenticate a mail contact to send to the distribution list without allowing the whole world to be able to send to that list? We also have to allow sending for any user inside exchange as well.

    Thanks for your help,
    -Nathan

    1. Paul Cunningham

      Hi Nathan, not sure the answer on this as it isn’t a scenario I’ve tested out.

      1. Linda

        Hi!

        I would like to know this too! Have you found a solution to this yet?

        Thanks!
        Linda

        1. Paul Cunningham

          A Mail User instead of a Mail Contact could be used. A Mail User is a user account that is mail-enabled but has an external SMTP address.

  51. Lanny Evans

    What I am trying to do is restrict who can send an email to certain email accounts. We have email accounts for physicians that certain people need to be able to see and send email to. Everyone else in the organization needs to be restricted from sending email to those email boxes and hopefully not even seeing them in their GAL. Is there a way to accomplish that? Thanks,

    1. Paul Cunningham

      Hi Lanny, you can hide mailboxes from the GAL (it is a checkbox in the mailbox properties) and mailboxes also have similar delivery restrictions settings as groups do (also available in the mailbox properties).

  52. Brian Johansen

    I see. I learned som years ago to use Global groups, unless we have more than 1 domain and I can’t remeber more 🙂

    But, I don’t think that was the reason why we many times didn’t receive the mails sent to the groups. Sometimes they worked and sometimes not. It was very strange.

    1. Brian Johansen

      You are probably right regarding Universal, we have made som tests and it seems like we can expand all Universal groups and not always the old Global ones. it might also have fixed the problem with receiving mails. I haven’t heard of one single problem with the univesal groups in weeks, but yesterday I had a colleague who sent a mail and nobody received it, but it was one of our Global groups. I will now change the rest of the groups to Universal. I’m just concerned about one thing, what about if the Global group is a security group, is it possible to change it to Universal and keep the security settings/members?

      Brian

      1. Paul Cunningham

        The group membership remains intact after the conversion, yes. (edited a spelling mistake there)

  53. Brian Johansen

    Hi Poul
    We have a big problem with sending mails to distribution groups in Exchange 2010. We have just upgraded from Exchange 2007 to 2010, but the problem started in 2007, around may. We have spend several hours investigating with any luck. Maybe it has someting to do with an update?

    The problem occurs only with some groups and we never get any feedback. Sometimes it works with a group sometimes not. It looks like it maybe works if I create a new group. My colleague thinks it has something to do with caché and offline files.

    I’m not quite sure whether we have fixed the problem or not.

    Afther the upgrade we have had a problem expanding groups, sometimes it works, sometimes it works after 1-2 attempts.

    Thank you for your help.
    Brian

    1. Brian Johansen

      Sorry, Paul 🙂

    2. Paul Cunningham

      So what exactly is the problem, groups aren’t expanding?

      Have you checked that the groups are Universal in scope?

      1. Brian Johansen

        No, that’s just another thing that came up after upgrading, sometimes we can’t expand groups and see the members. Sometimes it works if we try 1-2 times to click the + sign.

        The main problem is that we couldn’t send to some groups earlier and i’m not sure if we have solved it. The worst thing was that you didn’t get any respond, so we didn’t know whether the mails got through or not. But it seems like the new group works and maybe also the fix with removing caché mode and delete the .OST file. I haven’t hear from my users in the last weeks during the summer holiday time, I hope that’s good.

        I just wondered if you had experienced something like that before and had some input. My Exchange colleague is back in business next week and we wil sit down and evaluta.

        I appreciate your quick answer.

        Brian

      2. Brian Johansen

        Yes, we have changed most of our groups to Universal, before they were Global. If it’s Global we can’t look up the AD groups in Exchange. Is it necessary to use Universal when we have Exchange 2010?

      3. Paul Cunningham

        Yes they should be Universal. Having them Global would be a likely explanation for the non-delivery. When you created new ones they would be Universal and I’d expect them to work fine.

  54. Liz

    Hi, is there a way to view a list of who is authorized to send to a distribution list once you have restricted it?

    We have a good number of distribution lists within our company that are restricted and need a way to report on who is authorized to send without having to scroll and make screen shots every time HR wants to review them.

    Thank you in advance for your assistance.

    Liz

  55. Kirstin

    How do I prevent E2010 from enabling the “Require that all senders are authenticated” for every new d-list?

    1. Paul Cunningham

      Not sure if you can. I’ve never looked into it since it is there for a pretty good reason and I like it that way 🙂

  56. Patrick Dufourq

    Good Day,
    How can you restricts distribtion list in Exchange 2007.

    I would like 3 specific users to be able to send an email using a list to lets say 10 external users (not in the same domain).
    Thank you for your help.
    Kind Regards

    1. Paul Cunningham

      You can use the second method, “Restricting an Exchange 2010 Distribution List to Specific Senders”. The only difference being that Exchange 2007 users won’t see the warning if they are composing an email to a list they can’t send to, they’ll just get the NDR after they send it.

      1. Jim Hartsook

        Paul, if you send out an email to a group, how can you prevent individuals “replying to all” that the message was sent to?

          1. Warner

            Paul, we’ve restricted who can send to a specific distribution group by only allowing authenticated users to send to it, and then adding specific individuals or groups to that list. My question is, are IP addresses (of servers) that we allow to relay excluded from this blocking? We have a SharePoint server that we would like to be able to still send announcements, etc to the whole group, but the email address that it sends from is NOT an authenticated user. It appears to still be working, which leads me to believe that our “blocking” tactics are not working, OR the IP addresses on the relay list are considered “authenticated users”. Can you answer this question?

            Thanks much!

Leave a Reply