Divestiture Challenge – Restricting Messages and Sending Notifications

Share on linkedin
Share on twitter
Share on facebook

While working with a corporation who was divesting a small portion of their business, we were presented with an interesting challenge. On the day of signing, the divesting company, known here as ‘BIGCOMPANY’, would allow users from the divested company, known here as ‘SMALLCOMPANY’, to retain access to their mailboxes via the Outlook client for retrieving and exporting legacy data, however, did not want any new emails being sent from or delivered to the SMALLCOMPANY mailboxes.

In addition to blocking inbound messages to and outbound messages from SMALLCOMPANY mailboxes, BIGCOMPANY also wanted a method for notifying external senders that the SMALLCOMPANY users’ email address has changed.

To meet BIGCOMPANY’s requirements, we configured a series of the mail flow rules (also known as transport rules) to identify and then act on messages sent to or from SMALLCOMPANY mailboxes.

The objectives of the mail flow rule approach are to:

  • Block SMALLCOMPANY personnel emails sent from their BIGCOMPANY mailbox from being delivered
  • Block SMALLCOMPANY personnel from receiving internally and externally generated emails in their BIGCOMPANY mailbox
  • Notify internal and external senders that the SMALLCOMPANY recipient is no longer receiving mail at their BIGCOMPANY email address

ALIGN EMAIL ADDRESS PREFIXES

Since we are using a mail flow rule to communicate the email address change, every external sender will receive the same change notification message regardless of which SMALLCOMPANY mailbox they send to. For this reason, we chose to simply notify the external sender to swap the BIGCOMPANY domain name with the SMALLCOMPANY domain name in the user’s email address and then resend the message.

For example: Alan.Green@BIGCOMPANY.com would become Alan.Green@SMALLCOMPANY.com

In preparation for this ‘swap’ messaging, we ensured each SMALLCOMPANY mailbox had an email address assigned to it using the local-part (text before the ‘@’ sign) of the BIGCOMPANY email address.

CREATE DISTRIBUTION GROUP AND ADD MEMBERS

In preparation for the mail flow rules to act against a group of mailboxes, a Distribution Group must be created and each of the SMALLCOMPANY mailboxes added as members.

Note:    In Exchange Online, there is no need to create a ‘Microsoft 365 Group’ for this option. A ‘Distribution list’ will be sufficient for the mail flow rule

BLOCK SMALLCOMPANY SENT MESSAGES FROM BEING DELIVERED

The first mail flow rule will be created to prevent messages sent from SMALLCOMPANY personnel from being delivered.

The mail flow rule will silently drop any email sent from a SMALLCOMPANY mailbox.

The following diagram shows an example of how the mail flow rule would be constructed.

  • This rule will apply if (‘Apply this rule if…’) the ‘sender’ is a member of the Distribution Group, ‘DL Block Internal Message
  • If the user is a member of the Distribution Group, ‘DL Block Internal Message’, then the rule will ‘Do the following’ and ‘Delete the message without notifying anyone’

BLOCK INTERNAL MESSAGE FROM BEING DELIVERED

The second mail flow rule will prevent the SMALLCOMPANY mailbox from receiving internally generated emails. This rule will send a notification to the internal sender stating the SMALLCOMPANY user has moved to a new email address.

The following diagram shows an example of how the mail flow rule would be constructed.

  • This rule will apply if (‘Apply this rule if…’) ‘The sender is located’ ‘Inside the organization’ and ‘The recipient is a member of…’ the Distribution Group, ‘DL Block Internal Message
  • If the above conditions are met, then the rule will ‘Do the following’ and ‘Reject the message with an explanation…’. The verbiage for the email address change notification will be added to this action

You can learn how to plan for tenant migrations in mergers, acquisitions and divestitures in this previous article.

References:

Mail flow rules (transport rules) in Exchange Online:

https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/mail-flow-rules

Join the Insentra Community with the Insentragram Newsletter

Hungry for more?