Microsoft Finally Starts Protecting Me from Myself

And of course it bites me.  When setting up Distribution Groups in Exchange 2007, there is a silly option that is set by default that will prevent sending to that group from external sources.  I suppose it’s a security feature, making you manually enable that address to be accessed from unauthenticated users, but it can be a head scratcher if you’re not looking for it. 

The error you would get if you tried to send to this group from outside would look something like:

Delivery has failed to these recipients or distribution lists:

Your message wasn’t delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator.

Sent by Microsoft Exchange Server 2007

Diagnostic information for administrators:

Generating server:

#550 5.7.1 RESOLVER.RST.AuthRequired; authentication required ##


Final-Recipient: rfc822;

Action: failed

Status: 5.7.1

Diagnostic-Code: smtp;550 5.7.1 RESOLVER.RST.AuthRequired; authentication required



So, after you create the Group, right-click on it, then go to properties.  Click the Mail Flow Settings tab and it looks like this:


Select Message Delivery Restrictions, then click the properties button and you’ll see:


Uncheck the box that says "Require that all senders are authenticated", and you should be good to go.

4 Replies to “Microsoft Finally Starts Protecting Me from Myself”

  1. How can this be bypassed when you create new distribution groups? Is there a power shell cli that can be executed to allow unauthenticated users to send to the group by default?

  2. You can use the Set-DistributionGroup cmdlet to do that. It would look something like:

    [PS] C:\Windows\System32>Set-DistributionGroup -identity [your distribution group] -RequireSenderAuthenticationEnabled $False

  3. It’s there any way to i re-send email that were bloked when the check its not select?


Comments are closed.