Wednesday, July 11, 2007

Microsoft Exchange 2007 Distribution Group Security

Today I found out that Distribution Groups within Microsoft Exchange 2007 have security placed on them that requires users to authenticate when sending emails to them. I understand having this feature, but I would argue against it being on by default.
With this setting on users outside your company cannot email to the distribution group. For some of my groups this is what I want. But for specific groups I want people outside my enterprise to be able to send them email.

To change this setting open up the "Exchange System Console" and go to the Recipient Configuration, Distribution Group. Then right click on the distribution group you wish to edit and choose properties. Next click the "Mail Flow Settings" tab and select the "Message Delivery Restrictions" and then hit the "Properites" button. On the "Message Delivery Restrictions" screen uncheck the "Require that all senders are authenticated" option and you will be all set.

To do all of the above from the "Exchange Management Shell" you can use the one-liner below.
Set-DistributionGroup -identity "DisplayNameOfDistributionGroup" -RequireSenderAuthenticationEnabled $False
It's really that easy.

When I first got my hands on Microsoft Exchange 2007 I did not like the idea of doing alot of things by the command line, but as time goes on I have found out that the Management Shell is a very powerful tool that every Exchange admin should learn how to use and fall in love with.


Anonymous said...

Thank you so much for this post! Being novice in Exchange 2007, I also encountered this problem, and found the exact answer in your blog.

Oleg Rzhevsky, MVP

craig said...

excellent articles.
solved my problem on SBS 2008 server

craig finnefrock
computer magic inc