I have never been the most comfortable with this idea as from my perspective generating mailboxes that are purely used for sending mail in and out are a little bit of a waste of resources (the calendar never gets used for example) and a common issue is that people normally request them for fixed term marketing campaigns and never let us know when we can close the mailbox so it just sits there taking up space.
Another thing that I hate about them is that a mailbox = AD account, normally what we do is assign permissions to the mailbox via group (where the people that require access to the mailbox are in the group) – but that still leaves an account in AD that is never used or logged into – so when we run our reports on the directory the Primary mailbox account always shows up, gets disabled and then we get calls from people moaning that they cannot access their resource.
One of the major reasons as to why they like to use a mailbox is that you can “send as” the mailbox name – for example if you have a mailbox called [email protected] and you have permissions to it, you can go into your own personal mailbox ([email protected]) send a mail but pretend to be [email protected].
I had a think about this, and, from a distant training course on Exchange seemed to remember being told that you can configure Distribution Lists in the same way which will allow for senders to claim to be from the Distribution list, the following is what I came up with;
Firstly you need to create your distribution list, what I have done in this example is create a list called “design” the following are the steps:
Click on the next button and then tick the “Create an Exchange e-mail address”
Click next and then on the last page click on the Finish button.
You are then ready to add members to you distribution list, however after you have added the members to the list you will need to create a security group in Active Directory that we will use to apply permissions to the Distribution list which will allow members of the security group to “Send As” the list.
What I have done in this example is created a security group called “Design-Members” and then added the people to it that I wish to allow to send as the name of the Distribution list. What I then did was assign the security group permissions on the list – which is done like so:
Ensure that you have opened up ADUC with the “Advanced” View turned on – this allows you to see the Security Tab on the properties of the Distribution list.
Open the properties of the Design Distribution lists and click on the Security Tab, and click on the add button.
In the select users / groups box type in the name of the Design-Members security group and then click add – ADUC should then resolve the name.
From the security properties of the design distribution list – select the Design-Members security group and then apply the “Send As” and “Send To” permissions then click apply and then ok.
You will need to wait for AD replication and the RUS service to update all of the relevant properties in AD (which takes about 15 minutes) – you should then be ready to test this in Outlook.
Open Outlook and logon as an account that is a member of the Design-Members security group and open a new message – like so:
Fill in the fields (From, and To) and then click on Send.
Voila! you should now of been able to send as the distribution list.
This is obviously not suitable for every situation, I have had to concede that on some occasions a mailbox is the only way for generic accounts to work (for example where a centralised storage location is required for reviewing the mail that comes in), however it is ideal for those “temporary” generic addresses.