How to share an SMTP address space in Exchange 2000 Server or in Exchange Server 2003

Article ID: 321721 - View products that this article applies to.

This article was previously published under Q321721

INTRODUCTION

This article describes how to configure Microsoft Exchange Server 2003 or Microsoft Exchange 2000 Server to support a shared SMTP address space.

For more information about how to configure Exchange Server 5.5 to share Simple Mail Transfer Protocol (SMTP) domain name space, click the following article number to view the article in the Microsoft Knowledge Base:

258203

(http://support.microsoft.com/kb/258203/ )

How to configure Exchange to share SMTP domain name space

Back to the top | Give Feedback

MORE INFORMATION

Business requirements may require that you share the same SMTP address space between two or more different e-mail systems. For an Exchange Server environment, this may mean that you have to share the SMTP address space between Exchange Server and a UNIX-based e-mail system or between Exchange environments that are configured in different Active Directory forests. In this situation, users in each e-mail system have the same domain suffix as part of their e-mail addresses.

For the purposes of this article, the terms "address space" and "domain" are used interchangeably. This article is written from the perspective that the Exchange server is the incoming SMTP gateway from the Internet. When Exchange receives an incoming SMTP message from the Internet, Exchange first tries to resolve the e-mail addresses that are displayed in the recipient fields to objects in Active Directory. If the e-mail address resolves to an Exchange mailbox, Exchange routes the message to the mailbox. If the e-mail address does not resolve to an Exchange mailbox, Exchange routes the message to the e-mail system with which the SMTP address space is shared. The receiving e-mail system then delivers the message to a local mailbox, or it generates a non-delivery report (NDR) delivery status notification (DSN) message. The e-mail system with which the SMTP address space is shared cannot forward the unresolved recipients back to the Exchange incoming SMTP gateway. If you configure the last e-mail system that is in an e-mail system chain to forward unresolved recipients to the incoming e-mail gateway, you will have a messaging loop in which e-mail messages may continuously loop between e-mail servers.

Method 1: Share the same SMTP address space with a different e-mail system

Only one e-mail system can be authoritative for a particular SMTP address space. When an e-mail system is non-authoritative for an SMTP address space, the e-mail must eventually be routed to an e-mail system that is authoritative for the SMTP address space. This behavior occurs to make sure that a non-delivery report is generated if an e-mail message cannot be delivered to a recipient. An SMTP address space can be shared with any number of different e-mail systems. In this configuration, each e-mail system is a link in a chain of e-mail systems. The first e-mail system in the chain sends messages to the second e-mail system, and so on. This behavior continues until the message is delivered to a recipient or until the last e-mail system in the chain generates a non-delivery report for the message.

Exchange must be authoritative for the primary SMTP address space that is specified in the default recipient policy. Exchange does not have to be authoritative for any other SMTP address space. In this situation, you only have to add the shared SMTP address space to another recipient policy, set that SMTP address space as the primary SMTP address space, and then click to clear the This Exchange Organization is responsible for all mail delivery to this address check box in the SMTP Address Properties dialog box.

Important You cannot share an SMTP address space for which Exchange is authoritative. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

823158

(http://support.microsoft.com/kb/823158/ )

Authoritative and nonauthoritative domains in Exchange 2000 Server and in Exchange Server 2003

Recipient policies dictate the SMTP address spaces for which Exchange is authoritative. To determine whether Exchange is authoritative for a particular SMTP address space, follow these steps:

In Exchange System Manager, right-click the recipient policy, and then click Properties.
Click the E-Mail Addresses (Policy) tab, click an e-mail address, and then click Edit.
If the This Exchange Organization is responsible for all mail delivery to this address check box is selected, Exchange is authoritative for the SMTP address space. If this check box is not selected, Exchange is non-authoritative for the SMTP address space.

To share the SMTP address space with a different e-mail system, follow these steps.

Step 1: Modify the primary SMTP address for the default recipient policy

If you want to share the SMTP address space that is specified as the primary SMTP address space in the default recipient policy, you must create a new SMTP address space to act as the primary SMTP address space in the default recipient policy. The new primary SMTP address space that you create does not have to be valid in the Internet DNS. You can use a private SMTP address space such as @localhost or @example.local. This address space is the SMTP address space that Exchange will use to route internal e-mail messages.

To modify the primary SMTP address space that is specified in the default recipient policy, follow these steps.

Note By default, the domain that you specify when you install Active Directory is the SMTP address space for which Exchange is authoritative. If this SMTP address space is not the SMTP address space that you want to share, skip steps a through g. Instead, go to "Step 2: Configure the shared SMTP address space." These steps only apply if Exchange is authoritative for the SMTP address space that you want to share.

Start Exchange System Manager, click Recipient Policies, right-click Default Policy, and then click Properties.
In the Default Policy Properties dialog box, click the E-Mail Address (Policy) tab, and then click New.
In the New E-mail Address dialog box, click SMTP Address, and then click OK.
In the SMTP Address Properties dialog box, type the SMTP address space for which you want Exchange to be authoritative. For example, type @example.local.
Click to select the This Exchange Organization is responsible for all mail delivery to this address check box, and then click OK.

Note The e-mail address space that you specified must be stamped on all e-mail-enabled objects in Active Directory. In particular, this e-mail address space must be stamped on user accounts that have mailboxes. This enables the users to access the Outlook Web Access virtual server.
Click the new SMTP address that you created, and then click Set as Primary.
Remove the SMTP address that you want to share from the default recipient policy. To do this, click the SMTP address that you want to share, and then click Remove.

You should also examine Mailbox Manager Policies to make sure that the shared SMTP address is nonauthoritative. Mailbox Manager Policies also contain e-mail address. If the Default policy has been modified and the Mailbox Manager SMTP address for the shared SMTP address is still authoritative, users will receive a 5.1.1 non-delivery report (NDR). To verify that the shared SMTP is nonauthoritative, follow these steps:

Right-click the mailbox manager policy, and then click Change property pages.
Make sure E-Mail Addresses is selected, and then click OK.
Right-click the mailbox manager policy, and then click Properties.
On the E-Mail Address (Policy) tab, select the shared SMTP address, and then click Edit.
Click to clear the This Exchange Organiation is responsible for all mail delivery to this address check box.
Perform step 5 for all Mailbox Manager Policies in the Recipient Policies container.

Step 2: Configure the shared SMTP address space

To configure the shared SMTP address space, follow these steps:

Create a new recipient policy for the shared SMTP address space. To do this, right-click Recipient Policies, point to New, and then click Recipient Policy.
In the New Policy dialog box, click to select the E-Mail Address check box, and then click OK.
In the Properties dialog box, type a name for the new recipient policy, click Modify, and then click OK.

Note This configures the default LDAP filter for the policy. You can also modify this filter as appropriate for your environment.
When you receive the following message, click OK:
When a recipient policy filter changes it does not mean that the proxy addresses for recipients who may no longer be under the control of the policy will be automatically re-evaluated. For these recipients to receive proxies from the new policies to which they belong, use 'Apply this policy now' on the policies that now affect these recipients.
Click the E-Mail Addresses (Policy) tab, and then click New.
Click SMTP Address, and then click OK.
In the Address box, type the SMTP address space that you want to share. For example, type @example.com, or type @microsoft.com.
Click to clear the This Exchange Organization is responsible for all mail delivery to this address check box, and then click OK.
Click the new SMTP address that you created, and then click Set as Primary.
Click OK, and then click Yes when you receive the following message:
The e-mail Addresses of type(s) [SMTP] have been modified. Do you want to update all corresponding recipient e-mail addresses to match these new address(es)?

Step 3: Modify the SMTP virtual server properties to remove message forwarding for unresolved recipients

To do this, follow these steps:

In Exchange System Manager, expand Administrative Groups, expand Administrative Group Name, expand Servers, expand ServerName, expand Protocols, expand SMTP, and then click the corresponding SMTP virtual server.
Right-click Default SMTP Virtual Server, and then click Properties.

Note You may have to expand SMTP Virtual Servers before you can click Default SMTP Virtual Server.
Click the Messages tab.
Delete any entries that are displayed in the Forward all mail with unresolved recipients to host box, and then click OK.

Step 4: Configure an SMTP connector for the shared SMTP address space

After you configure the shared SMTP address space, you must specify the means for Exchange to determine where to route messages that do not resolve to an object in Active Directory. To do this, create an SMTP connector that has the shared SMTP address space in the Add Address Space dialog box of the connector object. If you do not add the SMTP connector with the shared address space, any incoming e-mail that is destined to the shared SMTP address space is interpreted as an attempt to relay. In this situation, Exchange does not accept the incoming e-mail. Additionally, you must specify a server to which Exchange will forward unresolved e-mail. You can specify this destination server by using its host name or by using its IP address.

To configure the SMTP connector, follow these steps:

In Exchange System Manager, right-click Connectors, point to New, and then click SMTP Connector.
In the Properties dialog box, type a name for the new connector in the Name box.
Click Forward all mail through this connector to the following smart hosts, and then type the host name of the destination computer or the IP address of the destination computer. You must type square brackets ([ ]) around the host name or IP address. For example, if the IP address of the destination computer is 192.168.1.10, type [192.168.1.10].

This computer will receive all e-mail that is not resolved to objects in Active Directory.
Click Add, click an Exchange server in the Add Bridgehead dialog box, and then click OK.
Click the Address Space tab, click Add, click SMTP in the Add Address Space dialog box, and then click OK.
In the Internet Address Space Properties dialog box, type the shared SMTP address space in the E-mail domain box. When you type the shared SMTP address space, do not include the at (@) symbol. For example, type example.com in the E-mail domain box. Then, click OK.
Click to select the Allow messages to be relayed to these domains check box.

Note Because Exchange must also receive messages for the shared e-mail address space, you must let Exchange relay messages to this domain. This setting lets all the SMTP virtual servers that are listed under Local bridgeheads on the General tab accept messages for the shared e-mail address space.
Click OK.

Step 5: Restart the Routing and SMTP services

To do this, follow these steps:

In the Services snap-in, click Start, click Run, type services.msc, and then click OK.
Right-click Microsoft Exchange Routing Engine, and then click Stop.
Right-click Microsoft Exchange Routing Engine, and then click Start.
Right-click Simple Mail Transport Protocol (SMTP), and then click Stop.
Right-click Simple Mail Transport Protocol (SMTP), and then click Start.
Exit the Services snap-in.

After you configure these settings, Exchange can forward messages to a foreign messaging system that shares the same SMTP domain name space.

Method 2: Share the SMTP address space by using contacts to redirect e-mail to a remote e-mail system

Exchange can share a common SMTP address space with different e-mail systems by using contacts and SMTP connectors to determine the path for the e-mail messages. The domain part of the targetAddress attribute of a contact determines the destination e-mail system. The e-mail addresses that are displayed on the E-mail Addresses tab of the contact determines which e-mail addresses will resolve to the contact. From this information, Exchange can route the e-mail message to the correct targetAddress. The targetAddress corresponds to the e-mail address on the General tab of the contact. Also, the targetAddress is used as the primary SMTP address of the contact. The primary SMTP address is denoted by the "SMTP" acronym that appears in uppercase bold characters before the particular SMTP e-mail address.

When an Exchange system receives an SMTP e-mail message, Exchange queries Active Directory to try to resolve the e-mail address that is listed in the recipient field of the message to the e-mail address of an object in Active Directory. If a match is found, Exchange routes the message to the e-mail address that is specified in the targetAddress attribute of the object. For the purposes of this article, this e-mail address is the e-mail address that is present in a remote e-mail system that has a unique SMTP domain.

This routing feature lets Exchange act as a mail switch for any number of SMTP domains that are hosted by different e-mail systems. The contact has a primary SMTP address that corresponds to the remote messaging system and the contact has a secondary SMTP address that corresponds to the SMTP domain of the Exchange system. You use SMTP connectors that are configured to use address spaces that are specific to the remote e-mail system's domain to route e-mail to the remote e-mail systems.

User accounts in the remote e-mail system must have a primary SMTP e-mail address that corresponds to the shared SMTP address space and a secondary SMTP e-mail address that corresponds to the primary SMTP e-mail address, also known as the targetAddress, of the contact in Active Directory.

In this scenario, the following e-mail exchange occurs:

When a user from the remote e-mail system sends an e-mail message to the Internet, the domain part of the reply address will correspond to the secondary SMTP e-mail address of the contact in Active Directory.
When the user from the Internet replies, the message is routed to the Exchange server.
When Exchange receives the message, Exchange resolves the e-mail address to the secondary SMTP address of the contact in Active Directory.
Exchange routes the message to the primary SMTP e-mail address of the Active Directory contact. This is the targetAddress of the contact. Therefore, the e-mail message is routed to the remote e-mail system.

To use contacts to redirect e-mail to a remote e-mail system, follow these steps.

Step1: Configure recipient policies for use with contacts

Exchange accepts e-mail messages for any SMTP address space that is configured in a recipient policy. To add a remote SMTP domain to a recipient policy, follow these steps.

Note This recipient policy uses a NULL filter rule. This rule is acceptable because you use the correct targetAddress value when you add the contacts to Active Directory. A NULL filter rule also prevents the Recipient Update Service from stamping Exchange objects with the SMTP address space of the remote e-mail system.

In Exchange System Manager expand Recipients, right-click Recipient Policies, point to New, and then click Recipient Policy.
In the New Policy dialog box, click to select the E-Mail Addresses check box, and then click OK.
In the Properties dialog box, type a name for the recipient policy, and then click Modify.
In the Find Exchange Recipients dialog box, click to clear all the check boxes that appear on the General tab, and then click OK.
When you receive the following error message, click OK:
You must select at least one recipient type.

ID no: c103a06e
Microsoft Active Directory - Exchange Extension
When you receive the following message, click OK:
When a recipient policy filter changes it does not mean that the proxy addresses for recipients who may no longer be under the control of the policy will be automatically re-evaluated. For these recipients to receive proxies from the new policies to which they belong, use 'Apply this policy now' on the policies that now affect these recipients.
Click the E-Mail Addresses (Policy) tab, and then click New.
In the New E-mail Address dialog box, click SMTP Address, and then click OK.
In the SMTP Address Properties dialog box, type SMTP domain of the remote e-mail system in the Address box. You must include the at symbol (@) in the Address box when you type the SMTP domain. For example, if the remote SMTP domain is example.com, type @example.com in the Address box. Then, click OK.
Click to clear the This Exchange Organization is responsible for all mail delivery to this address check box, and then click OK.
Click to select the check box of the new SMTP domain that you created in step i.
Follow steps g through k to create additional SMTP domains if you have additional remote SMTP domains.
Click OK, and then click No when you are prompted to update recipient e-mail addresses.

Step 2: Add contacts to Active Directory to represent remote users

You can add contacts to Active Directory by using one or more of the following methods:

By using the Active Directory Users and Computers tool
By using the Csvde.exe tool
By using the Ldifde.exe tool
By adding the contacts programmatically

Because it may take a long time to add contacts to Active Directory by using the Active Directory Users and Computers tool, we recommend that you use the Csvde.exe tool to add contacts to Active Directory. When you use Csvde.exe, you can modify the import file by using Microsoft Excel. The Csvde.exe tool is included with Microsoft Windows Server 2003 and with Microsoft Windows 2000 Server.

You can use the Csvde.exe tool to easily add many contacts to Active Directory. The Csvde.exe tool uses a comma-separated file format that uses the first line as a header. This header contains a comma-separated list of Active Directory attributes. The following example header file illustrates the minimum attribute set that is required to create a mail-enabled contact:

objectClass,dn,name,cn,sn,givenName,displayName,proxyAddresses,targetAddress,mail,mailnickname

Each set of comma-separated values for the header must be on a single line in the Csvde.exe import file. And, each set of comma-separated values for each contact must be on a single line in the Csvde.exe import file.

Important The mailnickname attribute is important. Without the mailnickname attribute, the E-mail Addresses tab is not displayed in the UserName Properties dialog box of the user in Active Directory Users and Computers.

The following example demonstrates the use of the header together with example values for a SMTP contact:

objectClass,dn,name,cn,sn,givenName,displayName,proxyAddresses,targetAddress,mail,mailnickname
contact,"cn=Internet User,ou=internet users,dc=xo,dc=one",Internet User,Internet User,User,Internet,Internet User,SMTP:internetUser@remote.domain; smtp:internetuser@xo.one,SMTP:internetUser@remote.domain,internetUser@remote.domain,internetuser

After you add the contacts' attributes to the import file, use the following command-line to import the contacts into Active Directory.

Note The DN attribute of the contact determines the organizational unit to which the contact is added.

csvde –I –f importFileName.csv

Step 3: Modify the SMTP virtual server properties to remove message forwarding for unresolved recipients

To do this, follow these steps:

In Exchange System Manager, expand Administrative Groups, expand Administrative Group Name, expand Servers, expand ServerName, expand Protocols, expand SMTP, and then click the corresponding SMTP virtual server.
Right-click Default SMTP Virtual Server, and then click Properties.

Note You may have to expand SMTP Virtual Servers before you can click Default SMTP Virtual Server.
Click the Messages tab.
Remove any entries that are displayed in the Forward all mail with unresolved recipients to host box, and then click OK.

Step 4: Create an SMTP connector to route e-mail to the remote e-mail system

To create an SMTP connector to route e-mail messages to a remote e-mail system, follow these steps:

In Exchange System Manager, right-click Connectors, point to New, and then click SMTP Connector.
In the Properties dialog box, type a name for the new connector in the Name box.
Click Forward all mail through this connector to the following smart hosts, and then type the host name of the destination computer or the IP address of the destination computer. You must type square brackets ([ ]) around the host name or the IP address. For example, if the IP address of the destination computer is 192.168.1.10, type [192.168.1.10].

This computer will receive all e-mail that is not resolved to objects in Active Directory.
Click Add, click an Exchange server in the Add Bridgehead dialog box, and then click OK.
Click the Address Space tab, click Add, click SMTP in the Add Address Space dialog box, and then click OK.
In the Internet Address Space Properties dialog box, type the shared SMTP address space in the E-mail domain box. When you type the shared SMTP address space, not include the at (@) symbol. For example, type example.com in the E-mail domain box. Then, click OK.
Click to select the Allow messages to be relayed to these domains check box.

Note Because Exchange must also receive messages for the shared e-mail domain, you must let Exchange relay messages to this domain. This setting lets all the SMTP virtual servers that are listed under Local bridgeheads on the General tab accept messages for the shared e-mail domain.
Click OK.
Follow steps a through h to create one SMTP connector for each remote SMTP e-mail domain.

Note If one remote e-mail server routes e-mail for all the remote SMTP e-mail domains, you only have to add all the remote SMTP domains to the Address Space tab of a single SMTP connector.

Step 5: Restart the Routing and SMTP services

To do this, follow these steps:

In the Services snap-in, click Start, click Run, type services.msc, and then click OK.
Right-click Microsoft Exchange Routing Engine, and then click Stop.
Right-click Microsoft Exchange Routing Engine, and then click Start.
Right-click Simple Mail Transport Protocol (SMTP), and then click Stop.
Right-click Simple Mail Transport Protocol (SMTP), and then click Start.
Exit the Services snap-in.