
There are certain scenarios where you may not want an external mail contact to be visible in an Exchange address list.

We’re currently working on a customer’s Exchange environment where they require the ability to conveniently send email to multiple external email addresses, concurrently, whilst still maintaining a certain degree of privacy and control on those external addresses. In this instance, they don’t want internal users of the organization to see the external email addresses of the Mail Contacts, for two reasons:

  • Privacy – These are private external email addresses
  • Control – They only want users sending to these addresses for a finite time

To achieve this, we will create a local user mailbox that is linked to a local AD user account and a corresponding Mail Contact containing the external email address. We then set up Mail Forwarding on the local mailbox, to forward all email to the corresponding Mail Contact and ensure the option to “Deliver message to both forwarding address and mailbox” is enabled. Mail is then sent to the external address via the local user mailbox, which is listed on all Exchange address lists.

This basically allows the owner of the Exchange organization to maintain a degree of control because they use a locally controlled email address to send mail to the external email address. By ensuring mail is delivered to both the local mailbox and external addresses it allows them to not only monitor and archive mail sent, but even recover anything that goes missing.

For the sake of privacy, they don’t want internal users getting hold of the private email addresses of these mail contacts – so by keeping the Mail Contacts hidden from Exchange address lists, users will only ever recognize the local email address.

Note: This solution is ideal for a Device CAL licensed scenario, as it has no additional licensing requirements. If you license Exchange per User, setting things up in this fashion would require a User CAL for each user mailbox you create. Keep this in mind. If you require assistance with licensing compliance we can provide this through our range of consultancy services.


Exchange 2010

  1. Open Exchange Management Console (EMC)
  2. Expand Microsoft Exchange On-Premises (server_name)
  3. Expand Recipient Configuration
  4. Select Mail Contact
  5. Double-click on the Mail Contact you wish to hide
  6. In the General tab check Hide from Exchange Address Lists checkbox
  7. Click Ok

It’s as simple as that. Now the mail contact’s external email address won’t be published in any Exchange address lists, keeping it private.

Exchange 2013

In all their wisdom, Microsoft have removed the “Hide from Exchange address lists” option from EAC for Mail Contacts in Exchange 2013; strangely, the checkbox is still available for all other mail objects – sometimes you really have to admire Microsoft’s rational thought process.

Do not fear, however: you can still hide Mail Contacts from Exchange address lists as in Exchange 2010, only now you do it via the Exchange Management Shell (EMS):

Once you have opened EMS type the following:

Set-MailContact <contact alias> -HiddenFromAddressListsEnabled $true

To confirm the command worked, run the following:

Get-MailContact <contact alias> | fl *hidden*

This should return a value of True.

If you want to revert your changes or simply change hidden objects to visible objects, flip the Boolean back to $false:

Set-MailContact <contact alias> -HiddenFromAddressListsEnabled $false

And perhaps the most useful of all – if you want to find all mail contacts that are currently visible and make them hidden you can do this:

Get-MailContact | Where-Object {$_.HiddenFromAddressListsEnabled -eq $false} | Set-MailContact -HiddenFromAddressListsEnabled $true

All done. Now the mail contact’s external email address won’t be published in any Exchange address lists, keeping it private.
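To check the whole arrangement described earlier (a listed local mailbox that forwards to a hidden Mail Contact and keeps its own copy), the following audit script can be run in EMS. It is an added example, not part of the original article; it is read-only, assumes the Exchange 2013 shell (PowerShell 3.0 or later), and the report column names are made up for illustration.

```powershell
# Added example: audit every mailbox that forwards to a Mail Contact.
# Read-only: nothing is changed. Report column names are illustrative.

$report = foreach ($mbx in Get-Mailbox -ResultSize Unlimited) {

    # Skip mailboxes that have no forwarding recipient configured
    if (-not $mbx.ForwardingAddress) { continue }

    # ForwardingAddress can point at any recipient type; only Mail Contacts
    # are relevant here, so ignore anything Get-MailContact cannot resolve
    $contact = Get-MailContact -Identity "$($mbx.ForwardingAddress)" -ErrorAction SilentlyContinue
    if (-not $contact) { continue }

    # The external address is deliberately left out of the report,
    # so the output can be shared without exposing it
    [pscustomobject]@{
        Mailbox        = $mbx.PrimarySmtpAddress
        Contact        = $contact.Alias
        ContactHidden  = $contact.HiddenFromAddressListsEnabled
        KeepsLocalCopy = $mbx.DeliverToMailboxAndForward
        MailboxListed  = -not $mbx.HiddenFromAddressListsEnabled
    }
}

# Full picture of the forwarding pairs
$report | Format-Table -AutoSize

# Pairs that break the design: contact still visible, no local copy kept
# for monitoring/archiving, or the local mailbox itself hidden from users
$report |
    Where-Object { -not ($_.ContactHidden -and $_.KeepsLocalCopy -and $_.MailboxListed) } |
    Format-Table -AutoSize
```

Any row in the second table needs attention: either the contact’s external address is still published, or mail sent through that mailbox is not being retained locally.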

It’s definitely disappointing to see the checkbox removed from EAC for Exchange 2013 and even more disappointing when it’s been included for all other object types. Why this is the case, we will never know – we can only hope that future updates may revise and rectify this minor annoyance and include the checkbox for mail contacts.

Testing

In both versions of Exchange the best way to double check your work is with Outlook Web App:

  1. On the Exchange server go to https://localhost/owa or simply visit OWA from another machine
  2. Compose a new email
  3. Click the To: link to bring up My Contacts and Directory lists
  4. View the All Contacts address list

If you’ve performed everything correctly up until this point – your contact/s should not appear in this list.

If testing with Outlook in cached mode you will need to manually update the Offline Address Book. Otherwise your changes won’t be immediately apparent. By default the Offline Address Book only regenerates every 24 hours.

Good luck!

Article By Techzilla