Exchange enables you to apply moderation to mailboxes, contacts, and
distribution groups. When moderation is enabled, any message addressed
to the recipient must first pass through a moderation phase to approve
or reject the message. Rejected messages are returned to the sender,
and approved messages are allowed through for delivery to the original
recipient. Moderation occurs in the transport service as a form of rule
applied to messages after they are submitted by the Mailbox Transport
Submission service. The scenarios to which moderation caters include
the protection of sensitive mailboxes (such as those of executives) by
forcing communications to be moderated by someone such as an
administrator or of external contacts that might be published in the
GAL to which you want to restrict communication from specific people
who represent your company. Because they are often used to debate
issues and post information that is of wide interest to many people,
groups are possibly the most obvious target for moderation, so this
discussion begins by looking at how to protect groups as an example of
how the feature works.
Many
companies use distribution groups as a convenient way of communicating
with large audiences. It is very convenient to be able to send a
message and have it delivered to many people, but sometimes you want to
ensure that only appropriate content is sent to large distributions.
Moeration is a very effective way of accomplishing this goal to
restrict the mailboxes and groups that can send new messages to a
group. Figure 1
shows the properties of a group as it is enabled for moderation. In
this case, a group has been created to facilitate discussion about
Exchange 2013.
People
(including individuals outside the organization) might send
inappropriate messages to the group (such as advertisements for
products or other services). You can avoid the problem of external
messages going to group members by making the group available to
internal senders only, which is the default for Exchange 2013 (see the
delivery management section of a group’s properties). However, in terms
of the actual content that is circulated to group members, you want to
keep the discussion focused. To do this, you can nominate one or more
moderators to review all the messages sent to the group. The users
nominated as moderators do not have to be members of the group, and
Exchange does not automatically add the moderators to the group
membership. All moderation means is that the specified users receive
copies of messages sent to the group for approval before general
distribution. Logically, it also means that if a moderator sends a
message to the group, that message is delivered without needing to be
approved.
You
can also see that you can exclude some senders from moderation; any
messages they send are posted without checking. The IT department
probably knows something about Exchange 2013, so let the messaging
administrators post directly to the list. You also configure the
properties so that only internal users receive notifications if their
messages are declined. It is a bad idea to send these notifications to
Everyone because external spammers could receive a confirmation that
they have sent a message to a valid email address if you allow external
people to send to the group.
The EMS code to set the same properties to moderate messages going to the group is as follows:
Set-DistributionGroup –Identity 'Exchange 2013 Interest Group'
–ModerationEnabled $True –ModeratedBy 'Brown, Robert (IT)', 'Hanif, Kerim'
–ByPassModerationFromSendersOrMembers 'Email Administration Team', 'Redmond, Tony (IT)', 'Peled, Yael (IT)' -ByPassNestedModerationEnabled $True
–SendModerationNotifications Internal
Note
the use of the ByPassNestedModerationEnabled parameter. When set to
$True, any nested groups that also require moderation are governed by
the decision of the moderator of the group to which the message is
addressed. In other words, if you send a message to a group called
Investment Approvals that contains another moderated group called
Management Committee, Exchange first sends the message to the moderator
of Investment Approvals. If approval is received, Exchange then
validates whether nested moderation is enabled. If yes (the flag is
$True), Exchange distributes the message to individual recipients
(those who are not within the nested group) of Investment Approval and
sends an approval request to the moderator of the Management Committee
group, who can approve or reject the request for distribution to the
members of this group.
Tip
To
avoid excessive delays for messages (and create less work for
moderators), it’s a good idea to enable nested moderation for all but
the most sensitive groups.
After a group is set up for
moderation, Exchange automatically displays a MailTip to warn users
when they address a message to the group. The warning tells the user
that his message might not be delivered immediately because it has to
go through a moderation process to gain approval before final delivery (Figure 2).
In this case, you see two MailTips. One is the default shown for any
moderated group; the second is the customized message for the specific
group that is displayed simply because a MailTip has been defined for
the group.
