This is also a question raised by users in the forum. Today I have found an answer and a solution:
Symptom when you send an email to a user or group with transfer restrictions, the email delivery speed may be slower than expected. In some cases, the Mail may be stuck in the exchange mail classifier for several minutes to several hours before being sent. This problem may occur if you configure transfer restrictions for the above user or group to reject emails based on the identity of the distribution group or general security group members. For example, on the "exchange general" tab of the user account or distribution group attribute, click "from everyone, except" under "email restriction ", then, a distribution group is added to the exception list.
If you send an email to a recipient who has been configured with a restriction rule that rejects emails from a specified distribution group or security group member, exchange 2000 Server must expand the group to check whether the sender is a member of the restricted group. The Exchange 2000 server does not cache the results of the expansion of the group. Therefore, each expansion is performed. If you send emails to a group containing many recipients, and these recipients are configured with a transfer restriction rule, if this rule rejects messages sent by members of a distribution group that contains many members, the Exchange 2000 Server must expand a restricted distribution group for each member of the group to which you send the message. In addition, if a retries are allowed during this process, Exchange server stops the group expansion process and retries the connection one hour later. This will cause the email to stay in the classifier queue and may delay the mail processing process.
To solve this problem, place the user you intend to reject the email in a separate routing group and create a transport restriction based on the connector restriction:
1. |
In the Exchange System Manager, create a new routing group that contains all users whose mails you intend to restrict. For more information about how to create a route group, click the following article number to view the article in the Microsoft Knowledge Base:266744 xadm: How to Create a routing group 319416 how to: Use routing group connectors to connect routing groups in Exchange 2000 |
2. |
Create an SMTP connector from a route group containing unrestricted users to a new route group containing Restricted Users. This ensures that emails from unrestricted Email recipients are successfully sent to the mailbox of Restricted Users. To do this, follow these steps:
A. |
Under an unrestricted routing group (for example, "First Routing group"), right-click "connector", point to "new", and then click "SMTP connector ". |
B. |
In the Name box, type A descriptive name. For example, type allow messages to restricted users. |
C. |
Click forward all emails from this connector to the following smart hosts, and then type the name or IP address of the smart host that belongs to the restricted routing group. The IP address must be enclosed in square brackets. |
D. |
Under "local bridgehead", click "add", click SMTP virtual server from the unrestricted routing group, and then click "OK ". |
E. |
Click the "connected routing group" tab and click "add ". |
F. |
In the routing group list, click restricted routing group, and then click OK ". |
G. |
Click application, and then click OK ". |
|
3. |
Create an SMTP connector from the restricted routing group to the unrestricted routing group. This is to prevent Restricted Users from sending emails to the "unable to reach destination" queue in the restricted routing group. To do this, follow these steps:
A. |
Under the restricted routing group, right-click "connector", point to "new", and then click "SMTP connector ". |
B. |
In the Name box, type A descriptive name. For example, Type Block messages to Non-Restricted Users. |
C. |
Under "local bridgehead", click "add", click SMTP virtual server from the restricted routing group, and then click "OK ". |
D. |
Click "forward all emails through this connector to the following smart hosts", and then type the name or IP address of the smart host configured to delete or return mail. For example, enter the IP address of the server you use as the bridgehead server and enclose the address in square brackets. In this way, a loop is created, and the email will be returned as an inaccessible email. Although this method does return messages as messages that cannot be delivered, the undelivered report (NDR) Code indicates that messages cannot be delivered because there is a loop rather than a transfer restriction. |
E. |
Click the "connected routing group" tab and click "add ". |
F. |
On the routing group list, click the unrestricted routing group, and then click OK ". |
G. |
Click application, and then click OK ". |
|
4. |
Because the routing group connector configuration in step 1 prevents NDR messages and delivery status notifications (DSN) that may be allowed between these routing groups ), therefore, you need to modify the routing group connector in the restricted routing group so that it is not used for System Mail:
A. |
Right-click the new route group SMTP connector created in the restricted group, and click Properties ". |
B. |
Click the content restriction tab, and then click to clear the System Mail check box under "allowed type. |
C. |
Click application, and then click OK ". |
|
5. |
Create an SMTP connector in the restricted routing group that allows System Mail:
A. |
Under the restricted routing group, right-click "connector", point to "new", and then click "SMTP connector ". |
B. |
In the Name box, type A descriptive name. For example, type allow system messages. |
C. |
Click forward all emails from this connector to the following smart hosts, and then type the name or IP address of the smart host that belongs to the unrestricted routing group. |
D. |
Under "local bridgehead", click "add", and then add the SMTP virtual server from the restricted routing group. |
E. |
Click the content restriction tab, and then click to clear the non-System Mail check box. |
F. |
Click the "connected routing group" tab and click "add ". |
G. |
In the routing group list, click the unrestricted routing group, and then click OK ". |
H. |
Click application, and then click OK ". |
|
6. |
To enable users in a restricted routing group to send emails over the Internet, create an SMTP connector with lower overhead so that it has the same address space as other connectors to the Internet, however, this routing group is used as the connector scope:
A. |
Under the restricted routing group, right-click "connector", point to "new", and then click "SMTP connector ". |
B. |
In the Name box, type A descriptive name. For example, type allow Internet access. |
C. |
Under "local bridgehead", click "add", and then add the SMTP virtual server from the restricted routing group. |
D. |
Click the "address space" tab, click "route group" under "connector scope", and then click "add ". |
E. |
Click "SMTP", click "OK", and then click "OK" again ". Note:: This step uses the default SMTP address space represented by a star. Modify these settings to specify the address space used in your organization. The overhead displayed for this address space must be lower than the overhead of other SMTP connectors you have created. |
F. |
Click application, and then click OK ". |
|
Note:: This work und only uses a route as a means of limiting transmission, and it can be expanded without being limited by the number of users in the restricted routing group. Source: http://support.microsoft.com/default.aspx? SCID = KB; ZH-CN; 329171
If you have any questions in this article, please go to the dingtalk forum to discuss: http://www.5dmail.net/bbs