How to block some users to recieve message from a distribution list or group mail?

Question

I have a all users distribution mail group. Where users added from different depertment. When anybody from the group if send mail to this group for all users only some specific department member will not recieve this. How can I do this using Office Exchange including Mail Flow rules?

Answer 1

Hi @Saeydul Amin

I understand that you are considering preventing members of a specific department from receiving messages sent to a company-wide distribution list or group email. 

Regarding Mail Flow (Transport) Rules, this approach might not work well for this requirement. Distribution groups are expanded to all members before transport rules are processed. There is no built-in transport rule action to “remove a specific recipient from delivery.” Transport rules can only act on the entire message (for example: delete, reject, redirect), not on individual recipients after group expansion. 

To achieve your goal, I would recommend using a Dynamic Distribution Group. 

You can convert (or recreate) your “All Users” group as a DDG. A DDG automatically includes or excludes users based on Azure AD / Exchange attributes such as Department, Custom Attributes, or group membership. This eliminates manual member management, and excluded users are never part of the group expansion. 

You can refer via: Create and manage dynamic distribution groups in Exchange Online

You could follow these steps: 

Prepare User Attributes 

Ensure users have the Department field populated (Go to Microsoft 365 Admin Center portal > Users > [User] > Contact info) or via PowerShell: Using Set-MgUserSet-Mailbox.

For excluding specific individuals (not an entire department), assign a custom attribute, for example:  CustomAttribute1 = "ExcludeFromAllUsers".

Next, create (or Convert) to a Dynamic Distribution Group 

Go to Exchange Admin Center portal > Recipients > Groups > Select Add a group. 

Choose Dynamic distribution group. 

Or use Powershell:

Connect ExchangeOnline

# To configure to send All mailboxes except one department
New-DynamicDistributionGroup -Name "All-Users" -DisplayName "All Users" `
  -RecipientFilter "((RecipientType -eq 'UserMailbox') -and (-not(Department -eq 'Finance')))"
 
# Or exclude multiple departments and specific users
New-DynamicDistributionGroup -Name "All-Users" -DisplayName "All Users" `
  -RecipientFilter "((RecipientType -eq 'UserMailbox') -and (-not(Department -eq 'Finance')) -and (-not(Department -eq 'HR')) -and (-not(CustomAttribute1 -eq 'ExcludeFromAllUsers')))"
 
# Alternative: Use an exclusion security group 
New-DistributionGroup -Name "All-Users-Exclusions" -Type Security
# Add the specific department members or individuals to this group
New-DynamicDistributionGroup -Name "All-Users" -DisplayName "All Users" `
  -RecipientFilter "((RecipientType -eq 'UserMailbox') -and (-not(MemberOfGroup -eq 'All-Users-Exclusions')))"

Test the Configuration 

Run:

Get-Recipient -RecipientPreviewFilter (Get-DynamicDistributionGroup "All-Users").RecipientFilter | Select Name, Department, PrimarySmtpAddress 

Update Outlook address books, scripts, and any existing processes to use the new Dynamic Distribution Group email address instead of the old static group. 

This approach should effectively meet your requirements for “All Staff except specific departments” scenarios. 

I hope this helps. 

If you have any additional concerns, feel free to comment below. I would be more than happy to assist. 

---

Note: Please follow the steps in [our documentation] to enable e-mail notifications if you want to receive the related email notification for this thread. 

Answer 2

Configure this by putting delivery restrictions on the users who must not receive messages from the distribution group, rather than on the group itself.

Using Exchange Admin Center (EAC):

1. Identify the distribution group that sends to “all users” (already exists).
2. For each user in the departments that must not receive messages from this group:
   • Go to Recipients > Mailboxes.
   • Select the mailbox and click Edit.
   • Go to Mailbox features (or Mail flow settings in some UIs).
   • Under Message delivery restrictions, select View details.
   • In Reject messages from, choose Senders in the following list and add the “all users” distribution group.
   • Save the changes.

Result: when anyone sends to the “all users” distribution group, Exchange will attempt to deliver to all members, but for the users where the group is in Reject messages from, those deliveries will be rejected and they will not receive the message.

Using PowerShell (Exchange Online / Exchange Management Shell): For each mailbox that must not receive from the “AllUsersDL” group, run:

Set-Mailbox -Identity "******@contoso.com" -RejectMessagesFromDLMembers @{add="AllUsersDL"}

Or, if the group itself is the sender (not its members):

Set-Mailbox -Identity "******@contoso.com" -RejectMessagesFrom @{add="AllUsersDL"}

Notes:

• The same AcceptMessagesOnlyFrom / RejectMessagesFrom and DL variants can be used on other recipient types (for example, if the excluded recipients are themselves groups or mail users).
• This approach is more precise than transport (mail flow) rules for “per-recipient” blocking of a specific sender or group.

---

References:

• Recipient resolution in Exchange Server
• Configure message delivery restrictions for a mailbox in Exchange 2013
• Configure message delivery restrictions for a mailbox
• Manage distribution groups
• Create and manage distribution groups in Exchange 2013
• Manage dynamic distribution groups in Exchange 2013
• Create and manage distribution lists in Exchange Online