SharePoint Distribution List Nightmares

So now that you finally get your enterprise rolling with SharePoint you are bound to start getting request to include Distribution Lists in Alerts & Workflows.

Well....guess what. You can't.

Since all security for SharePoint is designed around users and security groups it is impossible(not really but completely unusable) to add a Distribution List access to a SharePoint site. And that is the part to keep in mind. Why would you add a Distribution List full of users that cannot even access the site??? So that means you just move them all to a new Security Group and you are up and running. HA!
That is only the beginning!

After the new Security Groups are setup then you need email addresses for these new groups. Well now it should work right? Still no.
All the new groups need to be set as Universal Groups from MS "Mail-enabled non-universal groups are de-emphasized in Exchange 2007 and can only exist if they were migrated from previous versions of Exchange. You cannot use Exchange 2007 to create new non-universal distribution groups."

Then guess what! The exchange admin has to go in via Management Shell interface and email-enable this new group In Microsoft Exchange Server 2007, you can create or mail-enable only universal distribution groups.
Then specify Enable-DistribuitionGroup -Identity

You can see in this sample image that a non-universal group cannot be email enabled.

Now that all that is completed you are ready to go right! You wish!
Now you need to go into your Shared Services Administration under Central Admin.

It is EXTREMELY important to pay particular attention to you naming conventions in the newly created email-enabled Security Groups.

Under the SSP that is responsible for User Profiles select "User profiles and properties."
Select the link next to "Import Source." Mine says "Custom Source" since I am crawling multiple domains.

Then you need to select "View Import Connections" from the Source section.

At that point Edit the connection for the domain that has the newly created groups.
The trick now is that your basic User Filter is only pulling in user accounts. You need to modify it so it also will pull in all the newly created Email-Enabled Security Groups but ONLY the newly created Email-Enabled Security Groups. You absolutely do not want to just pull in all the groups across your entire Active Directory into SharePoint!

The default LDAP query looks like this (&(objectCategory=Person)(objectClass=User))

If your new naming convention preceded each group with SP.DL.
(Remember I said this was going to be important!)

It needs to be modified to (|(&(objectCategory=group)(cn=sp.dl*))(&(objectCategory=Person)(objectCategory=User)))

Hit Ok and return to User Profiles and Properties and select "Start full import." After you have finished you can visit "View user profiles" and search for your new groups.

At that point you are finally ready to start "using" Distribution Lists in SharePoint!