Business requirements may require that you share the same
SMTP address space between two or more different e-mail systems. For an
Exchange Server environment, this may mean that you have to share the SMTP
address space between Exchange Server and a UNIX-based e-mail system or between
Exchange environments that are configured in different Active Directory
forests. In this situation, users in each e-mail system have the same domain
suffix as part of their e-mail addresses.
For the purposes of this
article, the terms "address space" and "domain" are used interchangeably. This
article is written from the perspective that the Exchange server is the
incoming SMTP gateway from the Internet. When Exchange receives an incoming
SMTP message from the Internet, Exchange first tries to resolve the e-mail
addresses that are displayed in the recipient fields to objects in Active
Directory. If the e-mail address resolves to an Exchange mailbox, Exchange
routes the message to the mailbox. If the e-mail address does not resolve to an
Exchange mailbox, Exchange routes the message to the e-mail system with which
the SMTP address space is shared. The receiving e-mail system then delivers the
message to a local mailbox, or it generates a non-delivery report (NDR)
delivery status notification (DSN) message. The e-mail system with which the
SMTP address space is shared cannot forward the unresolved recipients back to
the Exchange incoming SMTP gateway. If you configure the last e-mail system
that is in an e-mail system chain to forward unresolved recipients to the
incoming e-mail gateway, you will have a messaging loop in which e-mail
messages may continuously loop between e-mail servers.
Method 1: Share the same SMTP address space with a different e-mail system
Only one e-mail system can be authoritative for a particular SMTP
address space. When an e-mail system is non-authoritative for an SMTP address
space, the e-mail must eventually be routed to an e-mail system that is
authoritative for the SMTP address space. This behavior occurs to make sure
that a non-delivery report is generated if an e-mail message cannot be
delivered to a recipient. An SMTP address space can be shared with any number
of different e-mail systems. In this configuration, each e-mail system is a
link in a chain of e-mail systems. The first e-mail system in the chain sends
messages to the second e-mail system, and so on. This behavior continues until
the message is delivered to a recipient or until the last e-mail system in the
chain generates a non-delivery report for the message.
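The chain and the messaging loop described above can be modeled in a few lines. This is an added example, not part of the original article and not Exchange code; the `MailSystem` fields, the system names, and the sample mailboxes are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class MailSystem:
    """One link in the chain (toy model; the field names are assumptions)."""
    mailboxes: set = field(default_factory=set)
    authoritative: bool = False      # True: this system generates the NDR
    next_hop: Optional[str] = None   # where unresolved recipients are forwarded


def route(systems, gateway, recipient):
    """Follow one recipient from the incoming gateway; return (outcome, path)."""
    path, current = [], gateway
    while True:
        path.append(current)
        system = systems[current]
        if recipient in system.mailboxes:
            return "delivered", path
        if system.authoritative:
            return "ndr", path            # last link owns the address space
        if system.next_hop is None:
            return "no-route", path       # non-authoritative and nowhere to send
        if system.next_hop in path:
            return "loop", path + [system.next_hop]
        current = system.next_hop


def audit_chain(systems, gateway):
    """Static check of the forwarding configuration for one shared address space."""
    findings, seen, current = [], [], gateway
    while current is not None and current not in seen:
        seen.append(current)
        current = systems[current].next_hop
    if current is not None:
        findings.append(f"loop: {seen[-1]} forwards unresolved mail back to {current}")
    owners = [name for name in seen if systems[name].authoritative]
    if len(owners) != 1:
        findings.append(f"expected exactly one authoritative system, found {len(owners)}")
    elif owners[0] != seen[-1]:
        findings.append(f"{owners[0]} is authoritative but is not the last link")
    return findings


# Constructed sample configurations for the shared address space example.com.
GOOD = {
    "exchange": MailSystem({"alice@example.com"}, next_hop="unix"),
    "unix": MailSystem({"bob@example.com"}, authoritative=True),
}
LOOPING = {
    "exchange": MailSystem({"alice@example.com"}, next_hop="unix"),
    "unix": MailSystem({"bob@example.com"}, next_hop="exchange"),
}

if __name__ == "__main__":
    for label, chain in (("good", GOOD), ("looping", LOOPING)):
        print(label, route(chain, "exchange", "nobody@example.com"))
        print(label, audit_chain(chain, "exchange"))
```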
Exchange must
be authoritative for the primary SMTP address space that is specified in the
default recipient policy. Exchange does not have to be authoritative for any
other SMTP address space. In this situation, you only have to add the shared
SMTP address space to another recipient policy, set that SMTP address space as
the primary SMTP address space, and then click to clear the This Exchange
Organization is responsible for all mail delivery to this address check box
in the SMTP Address Properties dialog box.
Important You cannot share an SMTP address space for which Exchange is
authoritative.
For
more information, click the following article number to view the article in the
Microsoft Knowledge Base:
823158 (http://support.microsoft.com/kb/823158/)
Authoritative and nonauthoritative domains in Exchange 2000 Server and in Exchange Server 2003
Recipient policies dictate the SMTP
address spaces for which Exchange is authoritative. To determine whether
Exchange is authoritative for a particular SMTP address space, follow these
steps:
| 1. | In Exchange System Manager, right-click the recipient
policy, and then click Properties. |
| 2. | Click the E-Mail Addresses (Policy) tab,
click an e-mail address, and then click Edit. |
| 3. | If the This Exchange Organization is responsible
for all mail delivery to this address check box is selected, Exchange
is authoritative for the SMTP address space. If this check box is not selected,
Exchange is non-authoritative for the SMTP address space. |
To share the SMTP address space with a different e-mail system,
follow these steps.
Step 1: Modify the primary SMTP address for the default recipient policy
If you want to share the SMTP address space that is specified as
the primary SMTP address space in the default recipient policy, you must create
a new SMTP address space to act as the primary SMTP address space in the
default recipient policy. The new primary SMTP address space that you create
does not have to be valid in the Internet DNS. You can use a private SMTP
address space such as
@localhost or
@example.local. This address space
is the SMTP address space that Exchange will use to route internal e-mail
messages.
To modify the primary SMTP address space that is specified
in the default recipient policy, follow these steps.
Note By default, the domain that you specify when you install Active
Directory is the SMTP address space for which Exchange is authoritative. If
this SMTP address space is not the SMTP address space that you want to share,
skip steps a through g. Instead, go to "Step 2: Configure the shared SMTP
address space." These steps only apply if Exchange is authoritative for the
SMTP address space that you want to share.
| a. | Start Exchange System Manager, click Recipient
Policies, right-click Default Policy, and then click
Properties. |
| b. | In the Default Policy Properties dialog
box, click the E-Mail Address (Policy) tab, and then click
New. |
| c. | In the New E-mail Address dialog box,
click SMTP Address, and then click
OK. |
| d. | In the SMTP Address Properties dialog box,
type the SMTP address space for which you want Exchange to be authoritative.
For example, type
@example.local. |
| e. | Click to select the This Exchange Organization is
responsible for all mail delivery to this address check box, and then
click OK.
Note The e-mail address space that you specified must be stamped on
all e-mail-enabled objects in Active Directory. In particular, this e-mail
address space must be stamped on user accounts that have mailboxes. This
enables the users to access the Outlook Web Access virtual server. |
| f. | Click the new SMTP address that you created, and then click
Set as Primary. |
| g. | Remove the SMTP address that you want to share from the
default recipient policy. To do this, click the SMTP address that you want to
share, and then click Remove. |
You should also examine Mailbox Manager Policies to make sure that the shared
SMTP address is nonauthoritative. Mailbox Manager Policies also contain e-mail
addresses. If the Default policy has been modified and the Mailbox Manager SMTP
address for the shared SMTP address is still authoritative, users will receive
a 5.1.1 non-delivery report (NDR).
To verify that the shared SMTP address is nonauthoritative, follow these steps:
| 1. | Right-click the mailbox manager policy, and
then click Change property pages. |
| 2. | Make sure E-Mail Addresses is selected,
and then click OK. |
| 3. | Right-click
the mailbox manager policy, and then click Properties. |
| 4. | On the E-Mail Address (Policy) tab, select
the shared SMTP address, and then click Edit. |
| 5. | Click to clear the This Exchange Organization is
responsible for all mail delivery to this address check
box. |
| 6. | Perform step 5 for all Mailbox Manager Policies in the
Recipient Policies container. |
Step 2: Configure the shared SMTP address space
To configure the shared SMTP address space, follow these steps:
| a. | Create a new recipient policy for the shared SMTP address
space. To do this, right-click Recipient Policies, point to
New, and then click Recipient
Policy. |
| b. | In the New Policy dialog box, click to
select the E-Mail Address check box, and then click
OK. |
| c. | In the Properties dialog box, type a name
for the new recipient policy, click Modify, and then click
OK.
Note This configures the default LDAP filter for the policy. You can
also modify this filter as appropriate for your environment. |
| d. | When you receive the following message, click
OK: When a recipient policy filter
changes it does not mean that the proxy addresses for recipients who may no
longer be under the control of the policy will be automatically re-evaluated.
For these recipients to receive proxies from the new policies to which they
belong, use 'Apply this policy now' on the policies that now affect these
recipients. |
| e. | Click the E-Mail Addresses (Policy) tab,
and then click New. |
| f. | Click SMTP Address, and then click
OK. |
| g. | In the Address box, type the SMTP address
space that you want to share. For example, type
@example.com, or type
@microsoft.com. |
| h. | Click to clear the This Exchange Organization is
responsible for all mail delivery to this address check box, and then
click OK. |
| i. | Click the new SMTP address that you created, and then click
Set as Primary. |
| j. | Click OK, and then click
Yes when you receive the following message: The e-mail Addresses of type(s) [SMTP] have been modified. Do
you want to update all corresponding recipient e-mail addresses to match these
new address(es)? |
Step 3: Modify the SMTP virtual server properties to remove message forwarding for unresolved recipients
To do this, follow these steps:
| a. | In Exchange System Manager, expand Administrative
Groups, expand Administrative Group Name, expand
Servers, expand
ServerName, expand
Protocols, expand SMTP, and then click the
corresponding SMTP virtual server. |
| b. | Right-click Default SMTP Virtual Server,
and then click Properties.
Note You may have to expand SMTP Virtual Servers
before you can click Default SMTP Virtual Server. |
| c. | Click the Messages tab. |
| d. | Delete any entries that are displayed in the
Forward all mail with unresolved recipients to host box, and
then click OK. |
Step 4: Configure an SMTP connector for the shared SMTP address space
After you configure the shared SMTP address space, you must
specify the means for Exchange to determine where to route messages that do not
resolve to an object in Active Directory. To do this, create an SMTP connector
that has the shared SMTP address space in the
Add Address
Space dialog box of the connector object. If you do not add the SMTP
connector with the shared address space, any incoming e-mail that is destined
to the shared SMTP address space is interpreted as an attempt to relay. In this
situation, Exchange does not accept the incoming e-mail. Additionally, you must
specify a server to which Exchange will forward unresolved e-mail. You can
specify this destination server by using its host name or by using its IP
address.
To configure the SMTP connector, follow these steps:
| a. | In Exchange System Manager, right-click
Connectors, point to New, and then click
SMTP Connector. |
| b. | In the Properties dialog box, type a name
for the new connector in the Name box. |
| c. | Click Forward all mail through this connector to
the following smart hosts, and then type the host name of the
destination computer or the IP address of the destination computer. You must
type square brackets ([ ]) around the host name or IP address. For example, if the IP
address of the destination computer is 192.168.1.10, type
[192.168.1.10].
This computer will receive all
e-mail that is not resolved to objects in Active Directory. |
| d. | Click Add, click an Exchange server in the
Add Bridgehead dialog box, and then click
OK. |
| e. | Click the Address Space tab, click
Add, click SMTP in the Add Address
Space dialog box, and then click OK. |
| f. | In the Internet Address Space Properties
dialog box, type the shared SMTP address space in the E-mail
domain box. When you type the shared SMTP address space, do not
include the at (@) symbol. For example, type
example.com in the
E-mail domain box. Then, click OK. |
| g. | Click to select the Allow messages to be relayed to
these domains check box.
Note Because Exchange must also receive messages for the shared e-mail
address space, you must let Exchange relay messages to this domain. This
setting lets all the SMTP virtual servers that are listed under Local
bridgeheads on the General tab accept messages for
the shared e-mail address space. |
| h. | Click OK. |
Step 5: Restart the Routing and SMTP services
To do this, follow these steps:
| a. | In the Services snap-in, click Start,
click Run, type services.msc, and then
click OK. |
| b. | Right-click Microsoft Exchange Routing
Engine, and then click Stop. |
| c. | Right-click Microsoft Exchange Routing
Engine, and then click Start. |
| d. | Right-click Simple Mail Transport Protocol
(SMTP), and then click Stop. |
| e. | Right-click Simple Mail Transport Protocol
(SMTP), and then click Start. |
| f. | Exit the Services snap-in. |
After you configure these settings, Exchange can forward
messages to a foreign messaging system that shares the same SMTP domain name
space.
Method 2: Share the SMTP address space by using contacts to redirect e-mail to a remote e-mail system
Exchange can share a common SMTP address space with different
e-mail systems by using contacts and SMTP connectors to determine the path for
the e-mail messages. The domain part of the targetAddress attribute of a
contact determines the destination e-mail system. The e-mail addresses that
are displayed on the E-mail Addresses tab of the contact determine which
e-mail addresses will resolve to the contact. From this information, Exchange
can route the e-mail message to the correct targetAddress. The targetAddress
corresponds to the e-mail address on the General tab of the contact. Also, the
targetAddress is used as the primary SMTP address of the contact. The primary
SMTP address is denoted by the "SMTP" acronym that appears in uppercase bold
characters before the particular SMTP e-mail address.
When an
Exchange system receives an SMTP e-mail message, Exchange queries Active
Directory to try to resolve the e-mail address that is listed in the recipient
field of the message to the e-mail address of an object in Active Directory. If
a match is found, Exchange routes the message to the e-mail address that is
specified in the
targetAddress attribute of the object. For the purposes of this article, this
e-mail address is the e-mail address that is present in a remote e-mail system
that has a unique SMTP domain.
This routing feature lets Exchange act
as a mail switch for any number of SMTP domains that are hosted by different
e-mail systems. The contact has a primary SMTP address that corresponds to the
remote messaging system and the contact has a secondary SMTP address that
corresponds to the SMTP domain of the Exchange system. You use SMTP connectors
that are configured to use address spaces that are specific to the remote
e-mail system's domain to route e-mail to the remote e-mail
systems.
User accounts in the remote e-mail system must have a primary SMTP e-mail
address that corresponds to the shared SMTP address space and a secondary SMTP
e-mail address that corresponds to the primary SMTP e-mail address, also known
as the targetAddress, of the contact in Active Directory.
In this scenario, the following e-mail exchange occurs:
| 1. | When a user from the remote e-mail system sends an e-mail
message to the Internet, the domain part of the reply address will correspond
to the secondary SMTP e-mail address of the contact in Active
Directory. |
| 2. | When the user from the Internet replies, the message is
routed to the Exchange server. |
| 3. | When Exchange receives the message, Exchange resolves the
e-mail address to the secondary SMTP address of the contact in Active
Directory. |
| 4. | Exchange routes the message to the primary SMTP e-mail
address of the Active Directory contact. This is the targetAddress of the contact. Therefore, the e-mail message is routed to the
remote e-mail system. |
To use contacts to redirect e-mail to a remote e-mail system,
follow these steps.
Step 1: Configure recipient policies for use with contacts
Exchange accepts e-mail messages for any SMTP address space that
is configured in a recipient policy. To add a remote SMTP domain to a recipient
policy, follow these steps.
Note This recipient policy uses a NULL filter rule. This rule is
acceptable because you use the correct
targetAddress value
when you add the contacts to Active Directory. A NULL filter rule also prevents
the Recipient Update Service from stamping Exchange objects with the SMTP
address space of the remote e-mail system.
| a. | In Exchange System Manager expand
Recipients, right-click Recipient Policies,
point to New, and then click Recipient
Policy. |
| b. | In the New Policy dialog box, click to
select the E-Mail Addresses check box, and then click
OK. |
| c. | In the Properties dialog box, type a name
for the recipient policy, and then click Modify. |
| d. | In the Find Exchange Recipients dialog
box, click to clear all the check boxes that appear on the
General tab, and then click OK. |
| e. | When you receive the following error message, click
OK: You must select at least one
recipient type.
ID no: c103a06e Microsoft Active Directory -
Exchange Extension |
| f. | When you receive the following message, click
OK: When a recipient policy filter
changes it does not mean that the proxy addresses for recipients who may no
longer be under the control of the policy will be automatically re-evaluated.
For these recipients to receive proxies from the new policies to which they
belong, use 'Apply this policy now' on the policies that now affect these
recipients. |
| g. | Click the E-Mail Addresses (Policy) tab,
and then click New. |
| h. | In the New E-mail Address dialog box,
click SMTP Address, and then click
OK. |
| i. | In the SMTP Address Properties dialog box,
type the SMTP domain of the remote e-mail system in the Address
box. You must include the at symbol (@) in the Address box
when you type the SMTP domain. For example, if the remote SMTP domain is
example.com, type @example.com in the
Address box. Then, click OK. |
| j. | Click to clear the This Exchange Organization is
responsible for all mail delivery to this address check box, and then
click OK. |
| k. | Click to select the check box of the new SMTP domain that
you created in step i. |
| l. | Follow steps g through k to create additional SMTP domains
if you have additional remote SMTP domains. |
| m. | Click OK, and then click
No when you are prompted to update recipient e-mail
addresses. |
Step 2: Add contacts to Active Directory to represent remote users
You can add contacts to Active Directory by using one or more of
the following methods:
| • | By using the Active Directory Users and Computers
tool |
| • | By using the Csvde.exe tool |
| • | By using the Ldifde.exe tool |
| • | By adding the contacts programmatically |
Because it may take a long time to add contacts to Active
Directory by using the Active Directory Users and Computers tool, we recommend
that you use the Csvde.exe tool to add contacts to Active Directory. When you
use Csvde.exe, you can modify the import file by using Microsoft Excel. The
Csvde.exe tool is included with Microsoft Windows Server 2003 and with
Microsoft Windows 2000 Server.
You can use the Csvde.exe tool to
easily add many contacts to Active Directory. The Csvde.exe tool uses a
comma-separated file format that uses the first line as a header. This header
contains a comma-separated list of Active Directory attributes. The following
example header file illustrates the minimum attribute set that is required to
create a mail-enabled contact:
objectClass,dn,name,cn,sn,givenName,displayName,proxyAddresses,targetAddress,mail,mailnickname
Each set of comma-separated values for the header must be on a
single line in the Csvde.exe import file. And, each set of comma-separated
values for each contact must be on a single line in the Csvde.exe import
file.
Important The mailnickname attribute is important. Without the mailnickname
attribute, the E-mail Addresses tab is not displayed in the UserName
Properties dialog box of the user in Active Directory Users and Computers.
The following example demonstrates the use of the header
together with example values for an SMTP contact:
objectClass,dn,name,cn,sn,givenName,displayName,proxyAddresses,targetAddress,mail,mailnickname
contact,"cn=Internet User,ou=internet users,dc=xo,dc=one",Internet User,Internet User,User,Internet,Internet User,SMTP:internetUser@remote.domain; smtp:internetuser@xo.one,SMTP:internetUser@remote.domain,internetUser@remote.domain,internetuser
After you add the contacts' attributes to the import
file, use the following command line to import the contacts into Active
Directory.
Note The DN attribute of the contact determines the organizational unit to
which the contact is added.
csvde -i -f importFileName.csv
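Before you run the import, you can check the file against the rules that this method depends on. The following script is an added example and is not part of the original article or of Csvde.exe; the function name `check_import` and the second and third data rows are constructed for illustration, and it assumes that the values of proxyAddresses are separated by semicolons as in the example row above.

```python
import csv
import io

# Minimum attribute set for a mail-enabled contact, as listed in this article.
REQUIRED = ["objectClass", "dn", "name", "cn", "sn", "givenName", "displayName",
            "proxyAddresses", "targetAddress", "mail", "mailnickname"]


def check_import(csv_text, shared_domain):
    """Return a list of (line_number, problem) for a Csvde.exe import file."""
    reader = csv.DictReader(io.StringIO(csv_text))
    missing = [a for a in REQUIRED if a not in (reader.fieldnames or [])]
    if missing:
        return [(1, "header lacks: " + ",".join(missing))]
    shared = "@" + shared_domain.lower()
    problems = []
    for row in reader:
        line = reader.line_num
        if None in row or None in row.values():
            problems.append((line, "field count does not match the header"))
            continue
        proxies = [p.strip() for p in row["proxyAddresses"].split(";") if p.strip()]
        primary = [p[5:] for p in proxies if p.startswith("SMTP:")]    # uppercase = primary
        secondary = [p[5:] for p in proxies if p.startswith("smtp:")]  # lowercase = secondary
        target = row["targetAddress"].strip()
        if not row["mailnickname"].strip():
            problems.append((line, "mailnickname is empty"))
        if len(primary) != 1:
            problems.append((line, "expected exactly one primary SMTP: proxy address"))
        elif target[:5].upper() != "SMTP:" or target[5:].lower() != primary[0].lower():
            problems.append((line, "targetAddress does not match the primary SMTP address"))
        if target.lower().endswith(shared):
            problems.append((line, "targetAddress is in the shared domain, not a remote domain"))
        if not any(s.lower().endswith(shared) for s in secondary):
            problems.append((line, "no secondary smtp: address in the shared domain"))
    return problems


# Line 2 is the example row from this article; lines 3 and 4 are constructed.
SAMPLE = """objectClass,dn,name,cn,sn,givenName,displayName,proxyAddresses,targetAddress,mail,mailnickname
contact,"cn=Internet User,ou=internet users,dc=xo,dc=one",Internet User,Internet User,User,Internet,Internet User,SMTP:internetUser@remote.domain; smtp:internetuser@xo.one,SMTP:internetUser@remote.domain,internetUser@remote.domain,internetuser
contact,"cn=No Nick,ou=internet users,dc=xo,dc=one",No Nick,No Nick,Nick,No,No Nick,SMTP:nonick@remote.domain;smtp:nonick@xo.one,SMTP:nonick@remote.domain,nonick@remote.domain,
contact,"cn=Self Ref,ou=internet users,dc=xo,dc=one",Self Ref,Self Ref,Ref,Self,Self Ref,SMTP:selfref@xo.one,SMTP:selfref@xo.one,selfref@xo.one,selfref
"""

if __name__ == "__main__":
    for line, problem in check_import(SAMPLE, "xo.one"):
        print(f"line {line}: {problem}")
```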
Step 3: Modify the SMTP virtual server properties to remove message forwarding for unresolved recipients
To do this, follow these steps:
| a. | In Exchange System Manager, expand Administrative
Groups, expand Administrative Group Name, expand
Servers, expand
ServerName, expand
Protocols, expand SMTP, and then click the
corresponding SMTP virtual server. |
| b. | Right-click Default SMTP Virtual Server,
and then click Properties.
Note You may have to expand SMTP Virtual Servers
before you can click Default SMTP Virtual Server. |
| c. | Click the Messages tab. |
| d. | Remove any entries that are displayed in the
Forward all mail with unresolved recipients to host box, and
then click OK. |
Step 4: Create an SMTP connector to route e-mail to the remote e-mail system
To create an SMTP connector to route e-mail messages to a remote
e-mail system, follow these steps:
| a. | In Exchange System Manager, right-click
Connectors, point to New, and then click
SMTP Connector. |
| b. | In the Properties dialog box, type a name
for the new connector in the Name box. |
| c. | Click Forward all mail through this connector to
the following smart hosts, and then type the host name of the
destination computer or the IP address of the destination computer. You must
type square brackets ([ ]) around the host name or the IP address. For example,
if the IP address of the destination computer is 192.168.1.10, type
[192.168.1.10].
This computer will receive all
e-mail that is not resolved to objects in Active Directory. |
| d. | Click Add, click an Exchange server in the
Add Bridgehead dialog box, and then click
OK. |
| e. | Click the Address Space tab, click
Add, click SMTP in the Add Address
Space dialog box, and then click OK. |
| f. | In the Internet Address Space Properties
dialog box, type the shared SMTP address space in the E-mail
domain box. When you type the shared SMTP address space, do not include
the at (@) symbol. For example, type
example.com in the
E-mail domain box. Then, click OK. |
| g. | Click to select the Allow messages to be relayed to
these domains check box.
Note Because Exchange must also receive messages for the shared e-mail
domain, you must let Exchange relay messages to this domain. This setting lets
all the SMTP virtual servers that are listed under Local
bridgeheads on the General tab accept messages for
the shared e-mail domain. |
| h. | Click OK. |
| i. | Follow steps a through h to create one SMTP connector for
each remote SMTP e-mail domain.
Note If one remote e-mail server routes e-mail for all the remote SMTP
e-mail domains, you only have to add all the remote SMTP domains to the
Address Space tab of a single SMTP connector. |
Step 5: Restart the Routing and SMTP services
To do this, follow these steps:
| a. | In the Services snap-in, click Start,
click Run, type services.msc, and then
click OK. |
| b. | Right-click Microsoft Exchange Routing
Engine, and then click Stop. |
| c. | Right-click Microsoft Exchange Routing
Engine, and then click Start. |
| d. | Right-click Simple Mail Transport Protocol
(SMTP), and then click Stop. |
| e. | Right-click Simple Mail Transport Protocol
(SMTP), and then click Start. |
| f. | Exit the Services snap-in. |