Mark Minasi's Tech Forum
Register Calendar Latest Topics Chat
 
 
 


Reply
  Author   Comment  
anthony

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 44
Reply with quote  #1 
I work for a company that is in 2 locations. One side is owned by the other but are seperate companies. 2 different Exchange orgs. 2 Different AD domains. 2 different email domains.

One company owns the other.

We will call them Texas and Florida. (Texas side owns Florida side)

Texas frequently sends ALL STAFF emails to both sides (as the parent company). Florida NEVER sends all staff emails to Texas.

Currently, Texas maintains a list of all staff on the Florida side as a list of Mail Contacts on their Exchange server. There is a distro in Texas that includes ALL the Florida Contacts. This is a list of over 500 users.

As you can imagine - it's almost never up to date. With turnover and humans doing things - steps get skipped and people dont make it into the group frequently.

Florida has a Dynamic Distribution group that handles the All Staff for that side. It's is ALWAYS up to date and works well. But, they restrict that distro so that only certain people can send to that distro from the Florida side (auth is required as well to send to).

What would be the best way to allow Texas to be able to send to this list without having to un-check "Require that all senders are authenticated" under Mail Delivery Restrictions?

I've thought about transport rules, but my testing shows this does not work (create a rule that anything from a certain address goes to a distro). But this idea required that the email be sent from the same account each time (not easy) but still didn't work anyway.

One thought was to create a mailbox with a really strange address of nonsense jafasfsfj@mydomain.com and auto forward that address to the distro. But that address goes across the web obviously and I would imagine could get intercepted possibly and be used for evil.

The obvious fear is the ability to be able to send a cryptolocker type email to everyone in the company and the inevitable carnage that would ensue.

__________________
If Chewbacca lives on Endor - You must acquit!
0
donoli

Senior Member
Registered:
Posts: 459
Reply with quote  #2 
https://www.fastmail.com/help/technical/ssltlsstarttls.html

Moving emails to encrypted ports maybe a possible answer to your problem.
0
anthony

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 44
Reply with quote  #3 
As I was reading this I realized we are already TLS partners... so the risk of that address going across in plain text is minimal. This might be the best solution is just use a coded email address that is not easily guessed and rely on TLS to keep it from getting sniffed.

Thanks,

Anthony

__________________
If Chewbacca lives on Endor - You must acquit!
0
Infradeploy

Avatar / Picture

Senior Member
Registered:
Posts: 165
Reply with quote  #4 
Ever looked at galsync?
__________________
Have SpaceSuit, Will Travel

0
Phil-n-JaxFL

Avatar / Picture

Grumpy Old Men
Registered:
Posts: 74
Reply with quote  #5 
As Infradeploy stated, GalSync is a great tool. We use it in the same scenario you state and it works great.


__________________
Phil
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation: