Apr 24 2024 02:59 PM
I'd like to allow only a specific external sender domain to send email to our distribution group (DG) in M365. (The DG is actually a mail-enabled security group synced from AD.) I see that a mail-flow rule doesn't process until after the DG is expanded, so can't match the DG as the recipient. I see that the DG has an attribute dLMemSubmitPerms to specify who's permitted to send to the group, but I think that is only for objects in AD and wouldn't be able to use an external domain? When I try to modify dLMemSubmitPerms I get an error anyway.
So how can this be done?
Apr 25 2024 12:11 AM
Apr 25 2024 07:10 AM
@VasilMichev - I already tried a mail-flow rule and it didn't work; and then I found the reason why:
"Note - If the Mail flow rule is configured to check for the recipient where the recipient is a distribution group, the rule won't be matched. When the message is sent to a distribution group, the group will be resolved to distinct users of that group before reaching Mail flow rules and instead, will check every member of a group."
Apr 25 2024 08:02 AM
Apr 25 2024 08:04 AM
Apr 27 2024 04:17 PM
SolutionI figured out a way. Using a mail flow rule where the header contains "To" of the distribution group. And have it block those messages, and an exception of the domains to allow.
@VasilMichev , thanks for the clue.
Jun 20 2024 01:31 PM
Here is a screenshot of the rule
Apr 27 2024 04:17 PM
SolutionI figured out a way. Using a mail flow rule where the header contains "To" of the distribution group. And have it block those messages, and an exception of the domains to allow.
@VasilMichev , thanks for the clue.