0

Just some backgroud, we have several users that are contracted to highly secure 3rd party locations they are not able to access webmail! Instead they are given temp user accounts and email address to use for the duration of the contract.

While I know that it techincally possible to add these 3rd party email addresses to my Exchange environment, I know deep down that it is really bad practice. Apart from the administrative overhead of managing this information, are there any other factors i should be considering? Like security, email rentention policy of the 3rd party?

Does anyone have a similiar situation?

Bryan
  • 7,628
  • 15
  • 69
  • 94
hardnose
  • 13
  • 2

1 Answers1

0

You can add third party email addresses to distribution groups by creating them as contacts in AD. This essentially gives you a record with a name and email address and that's it. As this object is used entirely for email forwarding then there are few, if any, security implications as you are not granting these external users any additional rights on your system.

However, as you mention this does have an impact on email retention policy. Any email that gets forwarded to these users should be logged as being sent, but beyond that you are loosing control of what happens with that email. If these contacts are in distribution lists, your users may treat them as internal users, rather than if they had to add a third part email address to the email them selves then they may be more cautious about what they send.

Sam Cogan
  • 38,736
  • 6
  • 78
  • 114