Exchange - How to Block Users from Sending External Email

Exchange Server - Email for Business

More and more businesses are adopting Exchange Server 2010 for their company email and in this modern world it is very uncommon for everyone not to have an email address. Although this is great and allows users to be contactable, often companies only require their users to send emails to each other, perhaps for the purposes of staff memos or just to let everyone know when the next staff party is.

Staff will have to come up with new ways to email.

Why Block Users from Sending External Email

Some businesses would like to block their users from emailing their friends and family all day as this affects productivity, however they still want them to send and receive the emails that tell them that the owner of the blue Toyota Corolla has left their lights on.

Now.. The How To on Exchange Blocking

So how do we block only some users from sending external emails while allowing them to still send internal emails. This is best achieved by utilising Transport Rules which are a part of Exchange Server 2007 and 2010.

Distribution List for Blocked Email Users

Distribution Lists - Not just for Group Delivery

First lets create a distribution group to add the users to that we want to block from sending the external emails. In the Exchange Management Console under Recipient Configuration click on Distribution Group. Then from the Actions pane on the right choose New Distribution Group. Follow through the wizard and give the group a name like Blocked Users or something similar. Then double click on the new Distribution Group and on the Members Tab, add all the users for which you are blocking external email.

Transport Rule to Block External Email for Users

Transport Rules - The key to Blocking External Email

Transport rules are powerful and with them you can achieve many different outcomes, they are very similar in functionality to the Rules in Microsoft Outlook, where we set Conditions, Actions and Exceptions. Firstly expand Organization Configuration and click on Hub Transport, then from the Actions Panel on the right hand side choose New Transport Rule. Now start by giving the rule a name, something like Block Users from Sending External Emails, then click next.

Create Conditions of Which Users to Block Emails from

Next we Setup the Conditions of Which Users to Block

To setup the conditions we, put a tick in the option "from a member of a distribution list" and the option "sent to users that are inside or outside the organization, or partners" then in the Step 2 box below click on Distribution List and add the distribution list we created earlier, which should contain all users that will be blocked from sending externally, then go next.

What do we want to do with the Blocked Emails

Next we Decided what to do with the Blocked Emails

On the Actions menu it's really up to you what you want to do with the emails that are trying to be sent externally. You could for instance have them forwarded to a manager for them to deal with, or have them redirected to another mailbox for monitoring. In this scenario though we are going to set them to "Send Rejection message to sender with enhanced status code". Now you click on "Rejection Message" and enter the error that you want the user to receive if they try to send an external email. In this example I have used "External Email is Disabled for your user account" but its up to you what to put. Then click "Enhanced Status Code" and just use the default "5.7.1". Then click next.

Got Exceptions?

Any Exceptions?

You are free to create any exceptions to this rule, perhaps you want to allow them to only send to a select number of suppliers or contractors. For this you would simply choose "Except when the message is sent to people" and then add in the users email addresses that are allowed. For this how to though we won't be creating any exceptions.

Confirm the Email Blocking details are correct

Last but not Least

Final step is to confirm that we have entered all the details correctly and then we can click New to create the Transport Rule which will block certain users from emailing externally.

Test shows that the External Email was Blocked by Exchange

Now to test the External Email Blocking

To test the new Transport Rule we just created I simply logged into OWA with an email address that was part of the Distribution Group we created and tried to send an email to my external Gmail Email. Naturally Exchange picked up that I was a member of the Blocked Users distribution list and that I was trying to send an external email and it generated a non-delivery error report instantly. See the image attached that shows where the error message appears for the users.

Any Problems?

I hope this tutorial has been fairly straight forward for everyone to follow, but as always if you would like professional IT Support with your particular issue then don't hesitate to contact our team at One - IT Services.

More by this Author


Comments 5 comments

Steve Pringle 3 years ago

Can I reprint this on Facebook?


Oneit profile image

Oneit 3 years ago from Auckland Author

Hi Steve,

Would prefer that you simply linked to our post rather than putting the content on facebook too. Google doesn't really like duplicate content and this page ranks quite well.

Brett


Manvir 3 years ago

Your a Don my friend!


Renato 2 years ago

Is it possible to disable this message "error report"? I do not want that users now about it.

Thanks


John 2 years ago

You can also just ask them for a confirmation for all external recipients. Check out add-in SafeSend at www.safesendsoftware.com

    Sign in or sign up and post using a HubPages Network account.

    0 of 8192 characters used
    Post Comment

    No HTML is allowed in comments, but URLs will be hyperlinked. Comments are not for promoting your articles or other sites.


    Click to Rate This Article
    working