Recipient policies
Before I go on, let me cover how recipient e-mail address
policies work. Exchange only accepts e-mail for domain names that are listed
in one of the recipient policies. If the Exchange server receives a message for
a domain name, or e-mail suffix, that does not exist in a policy, it will return
an NDR (Non-Delivery Receipt) to the sender. This assumes Exchange is
configured to send NDRs to all domains. Even if you add an e-mail address to a
user in ADU&C, Exchange will still reject e-mail for the user if the e-mail
suffix isn't listed in the recipient policies.
When Exchange does accept mail for a domain that is
listed in the policies, it will check to see if it is the last mail system to
accept mail for this domain. If it is and the e-mail address does not exist in
the domain, it will generate an NDR. This setting is controlled by the check box
in the last screen shot, called "This Exchange Organization is responsible for
all mail delivery to this address." If this check box is unchecked and the
recipient cannot be resolved, Exchange will then attempt to send the message
through an SMTP connector. In order for the other system to receive the e-mail,
an SMTP connector must be configured for the domain in question that forwards
the messages to the other mail server. For example, a company has both
Exchange and Sendmail in their environment and users on both systems have a
"@company.com" address. When mail comes in from the Internet it makes the most
sense to have either Sendmail or Exchange handle all incoming e-mail for the
domain. If Exchange is the primary mail system it needs to send any unresolved
e-mails to Sendmail. In order for this to happen the check box discussed above
must not be checked and an SMTP connector or DNS must be configured to send
mail to the Sendmail system.
The last setting is the priority of the recipient policy. When
the Recipient Update Service (RUS) runs, it checks each object to see which
policies apply to it. RUS then uses the policy with the highest priority to
set the e-mail address for an object. Each policy can have an LDAP filter
applied to it that controls what objects the policy applies to. These filters
must be based on static attributes of the object; calculated attributes like DN
and OU membership cannot be used. So it is important that the filter and
priority on a recipient policy are set correctly.
Adding a new recipient policy
This takes us to how to create a recipient policy that only
applies to certain objects in the AD. In the steps below I will cover
creating a recipient policy that only applies to members of a "Sales" group.
1. Right-click on the Recipient Policies container and choose New\Recipient Policy...
2. On the New Policy dialog check "E-Mail Addresses" and click OK

3. Enter in "Sales" for the Name and click Modify... on the General tab
4. On the Find Exchange Recipients dialog leave the default options on the General
tab and click the Advanced tab
   - The General tab controls what object types the policies will apply to
   - The Storage tab can be used to filter objects by the server or mailbox store they are on
   - Advanced can be used to filter objects by almost any AD attribute
5. Click the Field button and choose User\Member Of

6. Enter in the full DN of the group, example: "CN=Sales,OU=Group,DC=Altered,DC=com"
   - Instead of using group membership, you could use State,
Department, Company or any other attribute. If you use a linked attribute,
like Member Of or Manager, you have to enter the DN of the object.
   - If you don't know the DN of the object, open up ADU&C and
make sure "Advanced Features" is enabled under the View menu. Then open up the
object and click the Object tab. This will display the canonical name of the
object; reverse the path and change it to the distinguished name format. Example:
altered.com\Groups\Sales becomes "CN=Sales,OU=Groups,DC=Altered,DC=com"
7. Click Add
8. Click Find Now to verify that the DN path you entered is valid

   - In the search results, any object that is in the Sales
group, or matches the criteria you entered, and is mail or mailbox enabled
should be shown.
9. Click OK
10. Click OK on the information message
11. You should now see a filter like the one below. Click on the
"E-Mail Address (Policy)" tab now
12. The current e-mail generation rules will be displayed. Remove any address
that you do not want to be added to the objects that are a member of the Sales group
13. Click New... and choose SMTP Address
14. In the address box enter "%g@sales.<domain>", example "%g@sales.izzy.org",
and click OK

15. Enter any additional address you would like the users to have
Examples
   - %g@<domain>, example: %g@izzy.org becomes Jason@izzy.org
   - %g.%s@<domain>, example: %g.%s@izzy.org becomes Jason.Sherry@izzy.org
   - %1g%s@<domain>, example: %1g%s@izzy.org becomes JSherry@izzy.org
16. Click the address you want to be the primary address, the one that shows up
as the Reply To address on all e-mails, and click Set as Primary
17. Check the check box for all e-mail aliases you want users who match this
policy to have

18. Click OK
19. When prompted whether you want to update the e-mail address for objects
that match the new address, click No. You will be prompted for each address you
added or changed.
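
The following is an added example, not part of the original article and not Exchange's own code. It models the policy priority rule described earlier together with the address generation rules from steps 14 and 15, generalizing the counted form to the surname (%<n>s). The dictionary field names, the numbering in which 1 is the highest priority, and the user "Pat Lee" are assumptions made for illustration; only a Member Of filter is modelled.

```python
import re

TOKEN = re.compile(r"%(\d*)([A-Za-z])")

def expand(rule, given, surname):
    """Expand %g, %s and the counted forms %<n>g / %<n>s in a rule."""
    def sub(m):
        count, code = m.groups()
        if code not in ("g", "s"):
            raise ValueError("token not modelled here: %" + count + code)
        value = given if code == "g" else surname
        return value[:int(count)] if count else value
    return TOKEN.sub(sub, rule)

def pick_policy(policies, user):
    """Highest-priority policy whose filter matches (1 = highest; assumption)."""
    groups = {dn.lower() for dn in user["memberOf"]}  # direct membership only
    hits = [p for p in policies
            if p["member_of"] is None or p["member_of"].lower() in groups]
    return min(hits, key=lambda p: p["priority"])

def proxy_addresses(policies, user):
    """Return (policy name, proxyAddresses-style list) for one user."""
    policy = pick_policy(policies, user)
    out = []
    for i, rule in enumerate(policy["rules"]):
        prefix = "SMTP:" if i == policy["primary"] else "smtp:"  # upper-case = primary
        out.append(prefix + expand(rule, user["givenName"], user["sn"]))
    return policy["name"], out

# Constructed sample data modelled on the steps above.
SALES_DN = "CN=Sales,OU=Groups,DC=Altered,DC=com"
POLICIES = [
    {"name": "Default Policy", "priority": 99, "member_of": None,
     "rules": ["%g@izzy.org"], "primary": 0},
    {"name": "Sales", "priority": 1, "member_of": SALES_DN,
     "rules": ["%g@sales.izzy.org", "%g.%s@izzy.org", "%1g%s@izzy.org"],
     "primary": 0},
]
JASON = {"givenName": "Jason", "sn": "Sherry", "memberOf": [SALES_DN]}
PAT = {"givenName": "Pat", "sn": "Lee", "memberOf": []}  # not in Sales

if __name__ == "__main__":
    for user in (JASON, PAT):
        print(user["givenName"], proxy_addresses(POLICIES, user))
```

A user who is not a direct member of the Sales group falls through to the lower-priority policy and receives none of the Sales addresses, which is the outcome to check for when a filter DN is mistyped.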