Allowing a defined External address access to an Authenticated users only distribution list
Hello all,

I have a problem where I need an external address to be able to send to an ExchangeAll distribution list. The ExchangeAll distribution list's message restrictions are set up such that the group can only accept messages "From authenticated users only", "From everyone", and this must remain this way.

I set up a special user on Exchange for the external address to send emails to and set its message restrictions to accept messages only from the external sender's address. This works fine. Under delivery options for the special user I set the forwarding address to the ExchangeAll distribution list. When I send from the external email address, the special user receives it but cannot forward it, due to the fact that the external user is not an authenticated user as the ExchangeAll distribution list requires.

Is there a way in Active Directory for me to forward all email from the special user but change the sender's email to the special email's address first, so that the ExchangeAll distribution list will receive the email?

Dan
January 29th, 2009 8:56pm

Hi Dan,

Why not create two distribution lists for this purpose?

One distribution list is used by internal users with the following configuration:
- From authenticated users only
- From everyone

One distribution list is used only for the specific external sender's address:
- Only from the external sender (you can create a contact for the external sender and add him)

For your reference:
How to restrict the users who can send inbound Internet e-mail to another user or to a distribution group in Exchange 2003
http://support.microsoft.com/kb/827616/en-us

Mike
February 2nd, 2009 10:47am

Thanks for the reply Mike.

I would need to maintain two separate distribution lists for every list that I have to accomplish what you have suggested. I was hoping to only use one distribution list for our entire company, as the list has several other lists nested within it. The current structure is:

- location1All
- location2All
- location3All
- ExchangeALL

ExchangeALL has location1,2,3All nested in it, and each of the lists is restricted to accept email from authenticated users only.

What I was hoping to do is add an external email address to authenticated users in the accept messages restriction, so that I would get to accept messages from:

Authenticated users AND Externaluser@someaddress.com

Any other thoughts?

Dan
February 2nd, 2009 9:32pm

Hi Dan,

According to KB827616, for both distribution groups and individual users, if you click to select the From authenticated users only check box, only users who are considered to be authenticated users can send e-mail messages to the user or the distribution list. The following types of e-mail messages are considered to be from authenticated users:

- E-mail messages that originate from Microsoft Outlook MAPI clients that are internal to the Exchange organization.
- E-mail messages that originate from Microsoft Outlook Web Access that are internal to the Exchange organization.
- E-mail messages that originate from POP clients or from IMAP clients where the sender supplied credentials to the SMTP server.

As Internet email is submitted without any credentials, the email message is not considered to be authenticated.

Nevertheless, from the article, I notice the following description:

If you enable the Resolve anonymous e-mail setting on your front-end SMTP servers, anonymous senders can bypass the From authenticated users only settings.

I suggest you consider whether the following method is a workaround available for you:

Step 1: Create a new SMTP Virtual Server
============================
1. Create a new SMTP Virtual Server on the front-end SMTP servers.
2. Have the SMTP Virtual Server listen on another IP address.
3. Enable the Resolve anonymous e-mail setting on the SMTP Virtual Server.
4. Configure the SMTP Virtual Server to only allow connections from the specific sender's domain mail server IP address.

Step 2: Update your public DNS MX Record
============================
You need to create another public MX record for the new SMTP Virtual Server. In addition, the new MX record needs to have higher priority. In this way, the external mail server will attempt to connect to your new SMTP Virtual Server first. If the new SMTP Virtual Server rejects the connection, the external mail server fails over to another SMTP Virtual Server.

By using this method, the specific sender domain is able to bypass the From authenticated users only settings.

Mike
February 3rd, 2009 1:15pm
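
The two-step workaround in the reply above, modelled as an added example (not part of the original thread and not Exchange code): it shows that the connection restriction in step 1.4 is the only control keeping other anonymous senders away from the list once Resolve anonymous e-mail is on. The server names, IP addresses and the simplified acceptance rule are constructed assumptions; "higher priority" is modelled as the lower MX preference number.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class VirtualServer:
    name: str                # hypothetical label, not an Exchange identifier
    mx_preference: int       # lower number = higher priority, tried first
    allowed_nets: list       # connection control; empty list = any IP may connect
    resolve_anonymous: bool  # the "Resolve anonymous e-mail" setting

    def accepts_connection(self, ip):
        addr = ipaddress.ip_address(ip)
        return not self.allowed_nets or any(
            addr in ipaddress.ip_network(n) for n in self.allowed_nets)

def deliver_to_restricted_dl(servers, client_ip, authenticated=False):
    """Return (server_name, delivered) for mail addressed to a list set to
    'From authenticated users only'. Simplified model of the thread's setup."""
    for vs in sorted(servers, key=lambda s: s.mx_preference):
        if not vs.accepts_connection(client_ip):
            continue  # connection refused: sender fails over to the next MX
        # Per the KB text quoted in the thread, anonymous senders get past the
        # restriction on a server that resolves anonymous e-mail.
        return vs.name, authenticated or vs.resolve_anonymous
    return None, False

def audit(servers):
    """Names of servers that resolve anonymous mail with no IP restriction."""
    return [vs.name for vs in servers
            if vs.resolve_anonymous and not vs.allowed_nets]

# Constructed sample data (documentation address ranges).
PARTNER_IP, OTHER_IP = "203.0.113.25", "198.51.100.7"
DEFAULT_VS = VirtualServer("default-vs", 10, [], False)
AS_DESCRIBED = [VirtualServer("partner-vs", 5, [PARTNER_IP + "/32"], True), DEFAULT_VS]
STEP_4_SKIPPED = [VirtualServer("partner-vs", 5, [], True), DEFAULT_VS]

if __name__ == "__main__":
    for label, cfg in (("as described", AS_DESCRIBED), ("step 1.4 skipped", STEP_4_SKIPPED)):
        for ip in (PARTNER_IP, OTHER_IP):
            print(label, ip, deliver_to_restricted_dl(cfg, ip))
        print(label, "audit findings:", audit(cfg))
```

Because the bypass keys on the connecting IP address alone, `audit` is the check worth rerunning whenever the virtual server's connection settings change.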

This topic is archived. No further replies will be accepted.
