Dynamic distribution groups (DDGs) have been a beloved feature in Exchange Online for years. They allow you to create distribution groups based on customizable filters and conditions – simplifying membership management and expediting sending of emails to groups. However, with the current implementation of DDGs, some customers have been seeing slow delivery of emails or non-delivery of emails to users that they expected to be included in the recipient list. In extreme cases, our services have even encountered issues due to DDGs that have highly complex filters.
This led to modernization efforts starting in January 2021. We know how important it is to have an extremely reliable service for our customers. This feature update focuses on reducing mail delivery latency for DDGs, increasing service reliability, and enabling customers to determine the exact list of recipients.
This feature update is enabled for Preview customers and will be rolled out to all customers mid-April.
Implementation
Today, DDGs do not have a fixed recipient list; the recipient list is calculated dynamically each time a message is sent to a DDG. This can be a very slow process depending on the complexity of filters, leading to delayed mail delivery. To resolve this, we’re going to store the membership list for each DDG, and refresh it every 24 hours. The daily refresh will be an incremental refresh, applying the changes between the stored list and the refreshed list. When an email is sent to a DDG, or when an Exchange Transport Rule (ETR) is run that queries if the sender/recipient is a member of a DDG, our service will use this stored membership list.
Benefits
Caching this membership list provides many benefits:
- Mail delivery latency is reduced and more predictable. By not having to calculate the membership at the time a message is sent, mail delivery times will be more in line with regular distribution groups that have a fixed membership list. Our preview customers saw latency for DDGs drop by an average of 70%.
- Service issues caused by DDGs will be reduced. Since the service won’t have to calculate membership each time a message is sent to a DDG, it reduces the chances of the service being affected by DDGs with highly complex filters.
- Admins will be able to view the membership list of each DDG using the Get-DynamicDistributionGroupMember cmdlet. This allows an admin to be certain of which recipients receive mail sent to a DDG, addressing potential compliance issues that some customers have raised.
Limitations
Since we will be storing the DDG’s membership list, some time is needed to do the initial population of members upon creation of a DDG, and when DDG filters are modified. The membership list for each DDG will now be periodically refreshed instead of calculated in real time, so it will no longer reflect which users meet the DDG criteria in real time.
It is important to note that:
- When a DDG is created or when a DDG’s filter is modified, it may take up to 2 hours before it is ready to be used. During this time, the service will be populating the members in the background.
- The SLA for DDG “freshness” is 24 hours. Each DDG is refreshed every 24 hours based on its last calculated membership update time. So, note that if a user is created that matches a DDG’s filter, the user might not be added to the DDG until the next refresh occurs.
Tools to help you
We’ve created some tools to help you manage the new DDG experience.
Forcing a membership refresh
If you want to refresh a DDG’s membership list before its next scheduled refresh, or if your DDG membership list isn’t updated after a refresh as expected, you can force a membership refresh by using Set-DynamicDistributionGroup in the Exchange Online PowerShell:
Set-DynamicDistributionGroup -Identity <DDGIdentity> -ForceMembershipRefresh
Note that a manual refresh can be performed only after more than one hour has elapsed since the last refresh occurred.
Viewing a DDG’s membership list
You can use Get-DynamicDistributionGroup to view the members of a DDG. This will show you the list of members stored on the DDG object (based on the last refresh). This is the recipient list that will be used when a message is sent to the DDG.
Get-DynamicDistributionGroupMember -Identity <DDGIdentity>
Checking when a DDG was last refreshed
You can also use Get-DynamicDistributionGroup to view the last time a DDG was refreshed by looking at its CalculatedMembershipUpdateTime property.
(Get-DynamicDistributionGroup -Identity <DDGIdentity>).CalculatedMembershipUpdateTime
Instant DDG Membership
Customers tell us they like the above improvements, but many still want instant DDG membership.
We’re investigating options for instant DDG membership when a new user is created or an existing user’s property changes. This type of complexity increases the load on the service, so we’re exploring this with caution and care. We’ll let you know the results of our investigation when we have them.
