Across industries there are requirements to block external mail
flow (both send and receive) for a particular set of users only.
Some of the scenarios are:
- Members of the Research and Development department are restricted from
sending mail to and receiving mail from external domains.
- In educational institutions, only students above 13 years of age can
send and receive external mail. If a student's age is less than
13, they can send and receive mail within the domain only.
In this blog we shall discuss the solution for this requirement.
Solution:
The solution involves a dynamic distribution group and an Exchange Transport
Rule (ETR).
- Create a dynamic distribution group based on an attribute or a
custom attribute. Ex: Department is Research, or CustomAttribute1
holding the student's age.
- In the Exchange Transport Rule (ETR), add the rule that if the sender
or recipient is a member of the new dynamic distribution group, then block
the message.
For simplicity, consider that the Research department's
members can't send messages to or receive messages from external users. In this
case we shall use the 'department' attribute which contains 'Research'.
1. Create a dynamic distribution group
The PowerShell command below creates a new dynamic distribution group
based on the department attribute whose value is 'Research'.
New-DynamicDistributionGroup -Name "ResearchGrp" -RecipientFilter {(RecipientType -eq 'UserMailbox') -and (Department -like 'Research') }
2. Create an Exchange Transport Rule (ETR) to block the message
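We need to create two Exchange Transport Rules: one deletes the
message if the sender is a member of the ResearchGrp dynamic distribution
group and the recipient is outside the organization, and the other deletes it
if the recipient is a member of ResearchGrp and the sender is outside the
organization. The scope conditions (-SentToScope and -FromScope set to
NotInOrganization) restrict each rule to external mail; without them the rules
would also delete internal messages sent from or to the group.
New-TransportRule "BlockExternalMessagesFromResearchTeam" -FromMemberOf "ResearchGrp" -SentToScope NotInOrganization -DeleteMessage $true
New-TransportRule "BlockExternalMessagesToResearchTeam" -SentToMemberOf "ResearchGrp" -FromScope NotInOrganization -DeleteMessage $true
Now all external messages sent from and to the research group are deleted.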
Instead of deleting the message, you can reject it with a reason;
to do that, use the 'RejectReason' action.
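
The reject variant described above, as an added example (not the blog author's code): in New-TransportRule the rejection text is supplied with -RejectMessageReasonText, and the rules are created in audit mode first so their matches can be reviewed before enforcement. It assumes a connected Exchange session and the ResearchGrp group from step 1; the rule names, rejection text and $Enforce switch are constructed for illustration.

```powershell
# Added example. Assumes an open Exchange Online / Exchange Management Shell
# session and that the "ResearchGrp" dynamic distribution group already exists.
$Enforce = $false   # hypothetical switch: set to $true after reviewing audit results

$group = Get-DynamicDistributionGroup -Identity "ResearchGrp" -ErrorAction Stop

# Preview who the recipient filter matches today, before any rule acts on them.
$members = Get-Recipient -RecipientPreviewFilter $group.RecipientFilter `
    -OrganizationalUnit $group.RecipientContainer -ResultSize Unlimited
if (-not $members) {
    throw "ResearchGrp matches no recipients; check the Department attribute."
}
$members | Sort-Object DisplayName |
    Format-Table DisplayName, PrimarySmtpAddress, Department

# Settings shared by both rules (rejection text is constructed sample wording).
$common = @{
    RejectMessageReasonText         = "External mail is not permitted for this mailbox."
    RejectMessageEnhancedStatusCode = "5.7.1"
    Mode                            = "Audit"   # log matches only, do not reject yet
}

# Outbound: sender is in the group AND the recipient is outside the organization.
New-TransportRule -Name "RejectExternalMessagesFromResearchTeam" `
    -FromMemberOf "ResearchGrp" -SentToScope NotInOrganization @common

# Inbound: recipient is in the group AND the sender is outside the organization.
New-TransportRule -Name "RejectExternalMessagesToResearchTeam" `
    -SentToMemberOf "ResearchGrp" -FromScope NotInOrganization @common

# Review what was created.
$rules = Get-TransportRule | Where-Object { $_.Name -like "RejectExternalMessages*" }
$rules | Format-List Name, State, Mode, Priority, FromMemberOf, SentToMemberOf,
    FromScope, SentToScope, RejectMessageReasonText

# Switch from audit to enforcement once the matches look right.
if ($Enforce) {
    $rules | ForEach-Object { Set-TransportRule -Identity $_.Name -Mode Enforce }
}
```

Membership of a dynamic distribution group is evaluated from the directory attribute, so a user whose Department value changes falls in or out of both rules without the rules being edited.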








