Controlling Exchange's distribution lists

Using distribution lists in Microsoft Exchange can help organize how your users communicate, but there are risks. These TechRepublic articles can help you design distribution lists that help protect and manage e-mail servers.

Distribution lists are a powerful tool for IT managers tasked with controlling an organization’s e-mail services, and Microsoft’s Exchange server gives managers a great deal of flexibility.

But flexibility can be a problem. IT managers have to make certain the capabilities they enable on one hand don’t create unexpected problems on the other hand.

To fully appreciate the power of distribution lists in Exchange, and the potential “gotcha” inherent in that power, IT managers need to understand how to secure, organize, and control distribution lists.

These TechRepublic articles will show you how to manipulate Exchange’s distribution lists:

Address the dangers within
Exchange’s vulnerability to virus attacks has been well documented, but the most common abuses of the program are likely to come from friendly forces inside your firewall.

The most annoying of these abuses comes from the user who can’t resist the Reply To All button in their Outlook program.

“The annoyance level rises as the number of employees on the system increases,” according to TechRepublic’s systems administrator Mike Laun, who provides detailed instructions describing how to restrict who can respond to large-scale distribution lists in “Exchange tip: Don't tell everyone.”

In “Securing global distribution lists in Exchange 5.5,” TechRepublic’s senior Web operations engineer Dominic Bosco addresses the potential magnitude of the problem caused when users respond to entire distribution lists.

Bosco describes a mail storm, which can begin when users on a network respond to a distribution list message by clicking on the Reply To All tab. This action can elicit a response from recipients who are annoyed by the first group and compound the problem by using the Reply To All function to request that they not be included in the replies. Next comes a flurry of messages from users replying to all again to tell everyone on the list not to use the Reply To All function when replying to a distribution list message.

This type of mail storm can bring Exchange Server’s Message Transfer Agents (which actually send the messages) grinding to a halt, overburdened by all that traffic.

Laun and Bosco describe two similar ways to restrict the use of distribution lists and both warn how Internet mail capabilities in Exchange can be used by outside forces to spoof internal e-mail addresses.

Spoofing the Sender header on an SMTP mail message “is a hack for ages 12 and up,” Bosco wrote. He and Laun recommend eliminating the SMTP addresses that are created by Exchange by default when you build a distribution list.

Organize global distribution lists
A major function of a distribution list is to help you organize your enterprise into discrete sets of users. Lists can be made up of just a few users to thousands of users and the combinations can be based on geography, job function, or any other organizational scheme.

In “Organizing global distribution lists in Exchange 5.5,” Bosco discusses creating naming conventions to help managers tame their Global Address List (GAL).

The GAL is normally an alphabetical list by either first or last name of the users. To prevent distribution lists from getting lost among the individual users, Bosco suggests using a nonalphabetic character as the first letter in distribution lists.

Putting an @ sign at the beginning of a distribution list name, for example, will push that name to the top of the GAL. Managers can do the same for public folders, assigning them a + sign to group these types of recipients, Bosco wrote.

Bosco also suggests that the name of the distribution list describe its membership, such as @Corporate Remote Users for remote users that are assigned to the corporate site mail server.

Bosco notes that when you create a distribution list name, be sure to omit the nonalphabetic character prefix and all spaces in the distribution list’s Alias, which Exchange uses to create the Directory Name. Eliminating these characters will help you later if you need to export a directory or in writing scripts used to modify or migrate distribution lists.

Control distribution list expansion
When it isn’t abused by individual users, the distribution list can save massive amounts of network bandwidth. This is particularly true if the original distribution list is segmented with smaller distribution lists that contain users on different e-mail servers.

In “Controlling distribution list expansion in Exchange Server 5.5,” Bosco explains how distribution lists expand when they get to the server where the recipients reside.

In its simplest form, the user sends a message to a distribution list and your mail server’s Directory Service expands the distribution list, determining each recipient’s destination. If one of the recipients is located on another distribution list on another server, Directory Service sends a single copy of the message to the second server, where the Directory Service expands the distribution list.

This function is a great justification to install multiple mail servers in larger organizations and enterprises. Expanding large distribution lists gives your Directory Service a workout, Bosco said, chewing up valuable CPU cycles that can slow a network down during peak hours. Multiple mail servers will balance that burden throughout the organization by assigning the task to an idle server.
Distribution lists can be a great way to organize e-mail generated by your users. How do you organize your distribution lists? Start a discussion below or send us a note.

Editor's Picks