Messaging Gateway

 View Only

  • 1.  Restrict Delivery To Specific Distribution Lists

    Posted Feb 09, 2011 12:56 PM

    Hello,

    Hopefully this will be an easy question to answer, we have several distribution lists in our Exchange environment where we want restrict delivery from the outside world as these distribution lists are only for internal use. From what i have read the way to do this is by selecting the group in exchange and making sure that the "Require all senders are authenticated" option is selected.

    I have tested this for several groups by sending email from my gmail account to the distribution list in question and the message gets delivered. Currently in Brightmail we have directory integration turned on, enable cache persistence turned on, enable distribution list expansion turned off, and preserve recipient address turned off. 

    Not sure if this matters or not but the configuration for our receive connectors in exchange under the authentication tab have Transport Layer Security Selected and Externally Secured selected.

    Is there something else that I need to configure to restrict delivery to these groups ?

    We are using SBG 9.0.2 and Exchange 2007 SP1 as our mail systems.



  • 2.  RE: Restrict Delivery To Specific Distribution Lists

    Posted Feb 09, 2011 02:06 PM

    I think you need to change "preserve recipient address" to ON.  I think the SBG is resolving the distro to individual recipients before delivery.  Have you looked at your delivery logs?



  • 3.  RE: Restrict Delivery To Specific Distribution Lists

    Posted Feb 09, 2011 04:29 PM

    Hi Cricket,

    Thank you for your response, I have turned on the preserve recipient address and it still appears to be delivering the messages to groups that have the require authentication settings set. 

    I also checked the message audit logs and it does not appear to be splitting the emails out to the members of the distribution lists. In the log it only shows one original recipient which is the distribution list and does not list the members of the distribution list as recipients.



  • 4.  RE: Restrict Delivery To Specific Distribution Lists

    Posted Feb 10, 2011 12:32 PM

    I figured this one out, it was the way that i had setup the receive connectors in Exchange. I had just copied what we had in Postini when i created the connectors for our Brightmail servers.

    So, the problem was that i had Externally Secured selected under the authentication tab and it was treating all inbound messages from Brightmail as authenticated. By removing this flag (clearing all check boxes under the authentication tab) and then adding Anonymous users under the Permissions Groups tab it will now allow mail delivery to mailboxes and DLs without the "Require all senders are authenticated" selected and reject messages to Distribution groups with it selected which is the behavior that we were looking for.