Announcement

Collapse
No announcement yet.

Restricting users from sending to specific domains.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Restricting users from sending to specific domains.

    Hello everyone.

    I seem to be having a problem with restrincting a Group of users from sending emails to some specific domains (gmail.com, yahoo.com, msn.com)

    I'm using Exchange 2003 on a SBS 2003 box. I am very aware that it's absolutely futile to restrict the domains i mentioned earlier, as the users could send to a multitude of other free mail accounts, but as long as the Managment is happy and I get the check at the end of the month, it doesn't really matter, does it ?

    Anyway, so far I have configured a secondary SMTP connector, with the cost for the gmail.com address space set to 1; reconfigured the default SMTP Connector, with the cost of 3 for the * address space; verified that CheckConnectorRestrictions seting in the registry is correct; configured the secondary (restricted) connector to reject messages from the RestrictedMail Group.

    Theoretically, one of the restricted users sends an email to a gmail.com account, it should try the connector with the lowest cost for that particular domain, and, considering that it's not allowed to send through that connector, is should generate a NDR.

    Rather than doing that, the email is sent to the gmail.com recipient with no problem.

    I suspect that not being able to send through the restricted connector, it tries the default connector, with the higher cost, and sends the message through that connector.

    If that's true, is there any way that I could make that email check only the restricted connector and generate the NDR?

    Thank you in advance for the answers.

  • #2
    Re: Restricting users from sending to specific domains.

    How long did you wait after making the change? The whole point of the costs on the connector is so that Exchange doesn't attempt to use the connector that has a higher cost. If the lower cost matches then it will be rejected.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: Restricting users from sending to specific domains.

      Originally posted by Sembee View Post
      How long did you wait after making the change? The whole point of the costs on the connector is so that Exchange doesn't attempt to use the connector that has a higher cost. If the lower cost matches then it will be rejected.

      Simon.
      Hello Simon

      That's exactly what I thought and it makes perfect sense to me. Unfortunately it's just not working. I restarted the Exchange routing engine, SMTP service, Exchange store ... heck, I even restarted the server. Tested again now, after about six hours ... still no go.

      There must be something I'm not taking into account here ...

      Comment


      • #4
        Re: Restricting users from sending to specific domains.

        That would tend to point to the restriction not being applied correctly. If you set the restriction to an individual mailbox as a test, does the email get rejected then?

        Simon.
        --
        Simon Butler
        Exchange MVP

        Blog: http://blog.sembee.co.uk/
        More Exchange Content: http://exchange.sembee.info/
        Exchange Resources List: http://exbpa.com/
        In the UK? Hire me: http://www.sembee.co.uk/

        Sembee is a registered trademark, used here with permission.

        Comment


        • #5
          Re: Restricting users from sending to specific domains.

          Originally posted by Sembee View Post
          That would tend to point to the restriction not being applied correctly. If you set the restriction to an individual mailbox as a test, does the email get rejected then?

          Simon.

          Hello again Simon.

          Yes, I've also tried that. Applied the restriction to both mail enabled groups and individual users.

          Also, I've configured the address space on the higher cost, default SBS SMTP Connector, to point to a dummy domain, rather than *. In that case, the restriction applied successfully. This is what made me believe that after getting rejected by the lower cost connector, the message is actually sent through the default connector.

          Comment

          Working...
          X