This chapter covers shared mailboxes and distribution lists (distribution groups) in Microsoft 365, two common collaboration tools that appear frequently on the MS-900 exam. Understanding their differences, licensing requirements, and use cases is critical because exam questions often test when to use each and what permissions are needed. Expect 3-5% of exam questions to touch on these topics, often in scenario-based formats asking you to choose the right collaboration method.
Jump to a section
Imagine a company with two communication systems: a shared mailroom and a phone directory. The shared mailroom is a physical room where all departments receive their mail. Anyone from the department can open the mail, read it, and reply. The mailroom has its own address (e.g., '123 Main Street, Room 101') but no specific person's name—it's a role-based address. When a customer sends a letter to that address, it goes into the room's inbox. Any employee with a key can access it. The key is like delegate permissions: Full Access allows reading and sending, Send As allows sending as the room, and Send on Behalf allows sending on behalf. The room doesn't require a license because it's not a person—it's a resource. Now, the phone directory is a list of department names (like 'Sales' or 'Support') that maps to a list of individual phone numbers. When you call 'Sales', the directory forwards your call to all sales reps simultaneously (or sequentially, depending on configuration). The directory itself doesn't have a phone; it just redirects. Unlike the mailroom, the directory cannot receive messages—it only forwards. The directory doesn't need a license either, but it's limited to email forwarding and cannot store messages. The mailroom can store messages and multiple people can access it, while the directory simply passes messages along. In Microsoft 365, shared mailboxes are like the mailroom—they have a mailbox that stores emails and multiple users can access it with proper permissions. Distribution groups are like the phone directory—they forward emails to a list of members but do not store messages themselves.
What Are Shared Mailboxes and Distribution Groups?
Shared mailboxes and distribution groups are two of the oldest collaboration features in Exchange Online, but they serve fundamentally different purposes. A shared mailbox is a mailbox that multiple users can access to read and send email from a common address (e.g., info@contoso.com). It has its own mailbox store, calendar, and contacts. A distribution group (also called a distribution list) is simply a collection of email addresses; when an email is sent to the group, it is forwarded to all members. Distribution groups do not have a mailbox—they cannot store messages.
Shared Mailbox Mechanics
A shared mailbox is essentially a regular Exchange Online mailbox that is not associated with a licensed user. It has a dedicated mailbox database, meaning it can receive and store emails. However, it cannot be logged into directly; users must be granted permissions to access it via Outlook or Outlook on the web. The key permissions are:
Full Access: Allows a user to open the mailbox, read, and delete messages. This permission must be assigned explicitly; it is not inherited from the parent organization.
Send As: Allows a user to send email as the shared mailbox. The recipient sees the shared mailbox address in the From field.
Send on Behalf: Allows a user to send email on behalf of the shared mailbox. The recipient sees 'Sender on behalf of SharedMailbox' in the From field.
Shared mailboxes have a default storage limit of 50 GB, which can be increased up to 100 GB with an Exchange Online Plan 2 license or an Exchange Online Archiving add-on. They also have a default maximum size of 10 MB for incoming messages (configurable).
Distribution Group Mechanics
A distribution group is a mail-enabled Active Directory group object. When an email is sent to the group's address, Exchange Online expands the group and sends a copy of the message to each member. The expansion happens on the server side; the sender's client only sees one message sent. Distribution groups can be:
Universal distribution groups: Used for email distribution only. Cannot be used for security permissions.
Universal security groups: Can be used for both email distribution and assigning permissions to resources (if mail-enabled).
Dynamic distribution groups are a special type where membership is calculated based on recipient filters and conditions (e.g., all users in a specific department). The group is evaluated each time a message is sent; there is no static membership list.
Licensing Requirements
A critical exam point: a shared mailbox does not require a license if it is under 50 GB and not archived. However, if you enable litigation hold, In-Place Archiving, or increase the storage beyond 50 GB, you must assign an Exchange Online Plan 2 license or an appropriate add-on. Also, any user accessing the shared mailbox must have an Exchange Online license (any plan). Distribution groups do not require a license at all, regardless of size or number of members. However, the users who are members of the distribution group must have licenses for their own mailboxes.
Configuration and Management
Shared mailboxes can be created via:
Exchange admin center (EAC): Recipients > Shared > Add a shared mailbox.
Microsoft 365 admin center: Teams & groups > Shared mailboxes > Add a shared mailbox.
PowerShell:
New-Mailbox -Shared -Name 'Info' -DisplayName 'Information' -Alias infoDistribution groups can be created via:
Exchange admin center: Recipients > Groups > Add a group.
Microsoft 365 admin center: Teams & groups > Active teams & groups > Distribution list.
PowerShell:
New-DistributionGroup -Name 'SalesTeam' -DisplayName 'Sales Team' -Alias salesteam -Type 'Distribution'Interaction with Related Technologies
Shared mailboxes can be used with Microsoft Teams (as a channel email address), but they are not the same as a Team mailbox. Distribution groups can be converted to Microsoft 365 Groups, but this is a one-way migration. Both shared mailboxes and distribution groups can be used in transport rules (e.g., auto-reply, moderation).
Default Values and Timers
Shared mailbox default quota: 50 GB (IssueWarningQuota: 1.7 GB, ProhibitSendQuota: 2 GB, ProhibitSendReceiveQuota: 50 GB).
Distribution group expansion timeout: 5 minutes (if expansion takes longer, message delivery fails).
Maximum members per distribution group: 100,000 (large groups require specific configuration).
Dynamic distribution group filter evaluation: happens at send time; no caching.
Common Exam Scenarios
The exam often presents a scenario where a company needs a common email address for a department (like support@contoso.com) that multiple people can monitor. The correct answer is usually a shared mailbox. If the scenario says 'no storage needed, just forward to individuals', the answer is a distribution group. A common trap is choosing a Microsoft 365 Group for such scenarios; Microsoft 365 Groups have a mailbox and are suitable for collaboration but require a license for each member (actually, members do not need extra license beyond their own, but the group itself does not require a license). However, for simple 'multiple people need to send and receive from one address', shared mailbox is the classic answer.
PowerShell Verification
To list all shared mailboxes:
Get-Mailbox -RecipientTypeDetails SharedMailbox | Format-Table Name, DisplayName, PrimarySmtpAddressTo list all distribution groups:
Get-DistributionGroup | Format-Table Name, DisplayName, PrimarySmtpAddressTo see permissions on a shared mailbox:
Get-MailboxPermission -Identity info@contoso.com | Format-Table User, AccessRights, IsInheritedCreate a Shared Mailbox
In the Microsoft 365 admin center, navigate to Teams & groups > Shared mailboxes. Click 'Add a shared mailbox'. Enter a name (e.g., 'Support'), display name (e.g., 'Customer Support'), and email address (e.g., support@contoso.com). Optionally assign delegates (users who will have Full Access or Send As permissions). Click 'Add'. The mailbox is created in Exchange Online with a default 50 GB quota. The mailbox is hidden from the global address list by default? No, it is visible. You can hide it later. A new user object is created in Azure AD but is disabled (cannot sign in). The mailbox is ready to receive emails immediately.
Assign Permissions to Shared Mailbox
After creation, you need to grant users access. In the admin center, select the shared mailbox, click 'Edit' under 'Delegates'. Add users and assign 'Full Access' and/or 'Send As' permissions. Alternatively, use Exchange admin center: Recipients > Shared > select mailbox > mailbox delegation. In PowerShell: Add-MailboxPermission -Identity support@contoso.com -User user@contoso.com -AccessRights FullAccess -InheritanceType All. For Send As: Add-RecipientPermission -Identity support@contoso.com -Trustee user@contoso.com -AccessRights SendAs. The permissions take effect within minutes. Users must close and reopen Outlook to see the mailbox.
Access the Shared Mailbox in Outlook
A user with Full Access permission can open the shared mailbox in Outlook by choosing File > Account Settings > Change > More Settings > Advanced > Add. They type the shared mailbox name or email address. Alternatively, if auto-mapping is enabled (default), the mailbox appears automatically in the folder pane. Auto-mapping works only if the user has Full Access and the mailbox is under 50 GB? Actually auto-mapping works regardless of size. The user can read, reply, and delete messages. To send as the shared mailbox, the user must have Send As permission and select the shared mailbox address in the From field (which must be enabled in Outlook).
Create a Distribution Group
In the Microsoft 365 admin center, go to Teams & groups > Active teams & groups > Distribution list. Click 'Add a distribution list'. Enter a name, display name, and email address. Optionally add owners and members. Click 'Add'. The group is created as a mail-enabled universal distribution group in Exchange Online. It does not have a mailbox. When an email is sent to the group, Exchange expands the group and sends a copy to each member. The group can have up to 100,000 members. For larger lists, use dynamic distribution groups or external tools.
Manage Distribution Group Membership
Members can be added manually or dynamically. For a dynamic distribution group, define a recipient filter (e.g., 'RecipientTypeDetails -eq 'UserMailbox' -and Department -eq 'Sales''). The group membership is calculated at send time. For static groups, add members individually via admin center, Exchange admin center, or PowerShell: Add-DistributionGroupMember -Identity salesteam@contoso.com -Member user@contoso.com. To remove: Remove-DistributionGroupMember. Changes take effect within minutes. Note: Distribution groups cannot be used for security permissions unless they are mail-enabled security groups (which can be used for both email and permissions).
In a real enterprise, shared mailboxes are commonly used for departmental or functional addresses. For example, a large retail company might have a shared mailbox returns@contoso.com for processing returns. Multiple customer service representatives need to read and respond to return requests. They are granted Full Access and Send As permissions. The shared mailbox has a 50 GB limit, but the company expects high volume, so they enable archiving (requires E3 license for the mailbox? Actually archiving requires an Exchange Online Plan 2 license for the shared mailbox if it exceeds 50 GB or if you want unlimited archiving). They also set up a transport rule to auto-reply with a confirmation when a return request is received.
Another scenario: a global consulting firm uses distribution groups for project teams. Each project has a distribution list like project-alpha@contoso.com. Team members are added manually. When a partner sends an email to the group, it goes to all members. However, they run into issues when a member leaves the company; their mailbox is deleted, but the distribution group still attempts to send to the deleted mailbox, causing non-delivery reports. They implement a process to regularly clean up distribution group memberships using PowerShell scripts.
A third scenario: a university uses dynamic distribution groups for 'All Students' and 'All Faculty'. The filter is based on the 'Department' attribute in Azure AD. When a new student enrolls, they are automatically added to the group. This works well, but they notice that dynamic groups have a slight delay (up to 24 hours) before the change is reflected because Azure AD syncs changes periodically. They also must ensure that the group expansion does not exceed the 5-minute timeout; for very large groups, they use external email services.
Common misconfigurations: assigning Send As permission but not Full Access (user can send but cannot see the mailbox in their folder list unless they manually add it). Another: creating a shared mailbox but not assigning any permissions, so no one can access it. Also, using a distribution group when a shared mailbox is needed (e.g., expecting to store messages in the group's mailbox, which doesn't exist).
The MS-900 exam tests shared mailboxes and distribution groups under objective 2.2 'Describe collaboration solutions in Microsoft 365'. Specifically, you need to know:
- When to use a shared mailbox vs. distribution group vs. Microsoft 365 Group. The exam loves scenario-based questions: 'A group of people needs to receive and send email from a common address like sales@contoso.com. They do not need a calendar or document collaboration. What should you use?' The correct answer is shared mailbox. A common wrong answer is Microsoft 365 Group because it sounds modern, but the scenario explicitly says 'no calendar or document collaboration' — shared mailbox is simpler. - Licensing: Shared mailbox does not require a license (if under 50 GB and no archive/litigation hold). Distribution groups do not require a license. This is a classic true/false or multiple-choice where candidates incorrectly think distribution groups need a license. - Permissions: Know the difference between Full Access, Send As, and Send on Behalf. The exam may ask: 'A user needs to send email that appears to come from the shared mailbox. Which permission?' Answer: Send As. A trap: Send on Behalf shows 'on behalf of' in the message. - Storage: Shared mailbox default 50 GB. Distribution groups have no storage. - Dynamic distribution groups: They use recipient filters. The exam may ask: 'Which type of group automatically includes new employees based on department?' Answer: Dynamic distribution group. - Common wrong answers: 1. 'Shared mailboxes require a license for each user accessing it.' Actually, users need their own Exchange Online license, but the shared mailbox itself does not need a license (under 50 GB). 2. 'Distribution groups can store emails.' No, they only forward. 3. 'You can assign permissions to a distribution group.' No, distribution groups themselves cannot have permissions; they are for email forwarding only. 4. 'Shared mailboxes can be used for security groups.' No, they are not security principals. - Edge cases: If a shared mailbox exceeds 50 GB, you need an Exchange Online Plan 2 license or an archive add-on. If you enable litigation hold, you need a license. The exam may test that the mailbox can be accessed via Outlook on the web (OWA) by clicking the profile icon and opening another mailbox. - Numbers: Default 50 GB, max 100 GB with license. Distribution group max 100,000 members (but not tested often).
To eliminate wrong answers: always check if the scenario requires storing messages. If yes, it must be a mailbox (shared or Microsoft 365 Group). If no storage needed, it's a distribution group. If collaboration beyond email is needed (calendar, files), lean toward Microsoft 365 Group.
Shared mailboxes store emails; distribution groups forward emails.
Shared mailboxes do not require a license (under 50 GB); distribution groups never require a license.
Full Access allows reading and sending, Send As allows sending as the mailbox, Send on Behalf shows 'on behalf of'.
Distribution groups can have up to 100,000 members.
Dynamic distribution groups use recipient filters for automatic membership.
Shared mailboxes are accessed via delegation; users need their own Exchange license.
Distribution groups cannot be used for security permissions unless they are mail-enabled security groups.
These come up on the exam all the time. Here's how to tell them apart.
Shared Mailbox
Has a mailbox that stores emails
Requires permissions (Full Access, Send As) for users to access
Can have a calendar and contacts
Default storage 50 GB, up to 100 GB with license
Does not require a license (under 50 GB)
Distribution Group
No mailbox; only forwards emails to members
No permissions needed; membership determines who receives emails
No calendar or contacts
No storage limits (but member count limits apply)
Never requires a license
Mistake
Shared mailboxes require a license for the mailbox itself.
Correct
Shared mailboxes up to 50 GB do not require a license. Only if you need more storage, archiving, or litigation hold must you assign an Exchange Online Plan 2 license.
Mistake
Distribution groups can be used to assign permissions to resources.
Correct
Only mail-enabled security groups can be used for both email distribution and permission assignment. Regular distribution groups cannot be used for security.
Mistake
Shared mailboxes can be directly logged into with a username and password.
Correct
Shared mailboxes are disabled user accounts; they cannot be signed into directly. Users must access them via delegation permissions.
Mistake
Distribution groups store emails in a mailbox.
Correct
Distribution groups do not have a mailbox; they simply forward emails to all members. No storage is involved.
Mistake
Dynamic distribution groups require manual membership updates.
Correct
Dynamic distribution groups automatically update membership based on recipient filters; no manual management is needed.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
No, there is no direct conversion. You would need to create a new distribution group and add the shared mailbox's email address as a member (or forward emails). However, you can hide the shared mailbox and create a distribution group with the same address, but that would require removing the shared mailbox first. It's easier to just create a new group and redirect.
Yes, each user who accesses a shared mailbox must have an Exchange Online license (any plan). The shared mailbox itself does not need a license if under 50 GB and no additional features are used.
Send As makes the email appear as if it came directly from the shared mailbox (no indication of the sender). Send on Behalf shows 'Sender on behalf of SharedMailbox' in the From field. Both require permission assignment.
No, distribution groups are only for email. For team chat, use Microsoft Teams. For a combination of email, chat, and files, use Microsoft 365 Groups.
In Exchange admin center, select the shared mailbox, click 'Properties', and under 'General', select 'Hide from address lists'. In PowerShell: Set-Mailbox -Identity support@contoso.com -HiddenFromAddressListsEnabled $true.
If the member's mailbox is deleted, emails sent to the distribution group will generate non-delivery reports for that address. You should remove the member from the group manually or use dynamic groups to avoid this.
Yes, you can assign Send on Behalf permission without Full Access. The user can send emails on behalf of the shared mailbox but cannot read or manage the mailbox unless Full Access is also granted.
You've just covered Shared Mailboxes and Distribution Lists — now see how well it sticks with free MS-900 practice questions. Full explanations included, no account needed.
Done with this chapter?