SOLVED

Allow only specific domain to email a distribution group


I'd like to allow only a specific external sender domain to send email to our distribution group (DG) in M365. (The DG is actually a mail-enabled security group synced from AD.) I see that a mail-flow rule doesn't process until after the DG is expanded, so it can't match the DG as the recipient. I see that the DG has an attribute dLMemSubmitPerms to specify who's permitted to send to the group, but I think that is only for objects in AD and wouldn't be able to use an external domain? When I try to modify dLMemSubmitPerms I get an error anyway.

So how can this be done?

5 Replies
You can use a mail flow rule with "includes any of these recipients in the To or Cc box" condition.

@Vasil Michev - I already tried a mail-flow rule and it didn't work; and then I found the reason why:


"Note - If the Mail flow rule is configured to check for the recipient where the recipient is a distribution group, the rule won't be matched. When the message is sent to a distribution group, the group will be resolved to distinct users of that group before reaching Mail flow rules and instead, will check every member of a group."

From <https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/conditions-and-ex...>

And I'm telling you that it depends on the condition used. The note you quoted applies to specific conditions only.

I don't see the "includes any of these recipients in the To or Cc box" condition. I only see options for word match or text pattern, and I've tried both.
best response confirmed by JeffRyer (Copper Contributor)
Solution

I figured out a way: use a mail flow rule where the "To" header contains the distribution group, have it block those messages, and add an exception for the domains to allow.

@Vasil Michev , thanks for the clue. 
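The accepted approach written out as an Exchange Online transport rule, as an added example that is not part of the thread; the group address, the allowed domain and the rule name are assumed placeholders:

```powershell
# Added example, not from the thread. Assumes the ExchangeOnlineManagement
# module and an admin session; dg@contoso.example and partner.example are
# placeholders for the group's SMTP address and the one permitted sender domain.
Connect-ExchangeOnline

$groupAddress   = 'dg@contoso.example'   # assumption: the DG's primary SMTP address
$allowedDomains = @('partner.example')   # assumption: only domain allowed to reach it

# The rule fires on the raw "To" header rather than on the expanded recipients,
# which is why it still matches after the group has been expanded to its members.
New-TransportRule -Name 'Restrict senders to DG' `
    -HeaderContainsMessageHeader 'To' `
    -HeaderContainsWords $groupAddress `
    -ExceptIfSenderDomainIs $allowedDomains `
    -RejectMessageReasonText 'This group only accepts mail from approved domains.' `
    -RejectMessageEnhancedStatusCode '5.7.1' `
    -Priority 0 `
    -Mode Enforce `
    -Comments 'Rejects mail addressed to the DG unless the sender domain is allow-listed.'

# If word matching misses the address in some client formats, the same rule can
# be built with -HeaderMatchesPatterns (regex) instead of -HeaderContainsWords.
# This checks the To header only; if mail that Cc's the group must be restricted
# too, create a second rule with -HeaderContainsMessageHeader 'Cc'.

# Confirm the predicate and exception were stored as intended
Get-TransportRule -Identity 'Restrict senders to DG' |
    Format-List Name, State, Priority, Mode,
                HeaderContainsMessageHeader, HeaderContainsWords,
                ExceptIfSenderDomainIs
```

Start with `-Mode Audit` to observe which messages would be rejected before switching to `Enforce`.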
